CVE-2016-3168

CVE-2016-3168

The System module in Drupal 6.x before 6.38 and 7.x before 7.43 might allow remote attackers to hijack the authentication of site administrators for requests that download and run files with arbitrary JSON-encoded content, aka a "reflected file download vulnerability."

Source: CVE-2016-3168

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다