U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Drupal Releases Security Advisory

Original release date: October 17, 2014

Drupal has released a security advisory to address an application program interface (API) vulnerability (CVE-2014-3704) that could allow an attacker to execute arbitrary SQL commands on an affected system.

This vulnerability affects all Drupal core 7.x versions prior to 7.32.

US-CERT advises users and administrators review Drupal's Security Advisory and apply the necessary update or patch.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top