CVE-2016-3168

Posted on 2016년 4월 13일2016년 4월 13일 by admin

CVE-2016-3168

The System module in Drupal 6.x before 6.38 and 7.x before 7.43 might allow remote attackers to hijack the authentication of site administrators for requests that download and run files with arbitrary JSON-encoded content, aka a "reflected file download vulnerability."

Source: CVE-2016-3168

답글 남기기 응답 취소