Security

Security

Security

Moderately Critical Lottiefiles Field Security Update

Share

× SHARE

The module does not sufficiently filter user-provided text on output, resulting in a Cross-Site Scripting (XSS) vulnerability. The solution is to use the latest updated version. ...more

Read Full Content
Security

Crtical Config Terms Security Update

Share

× SHARE

The module doesn't sufficiently check access for the edit and delete operations. Users with "access content" permission can edit or delete any term. To solve this issue use the latest version. ...more

Read Full Content
Security

Drupal 9.3.17 Update

Share

× SHARE

This is a patch (bugfix) release of Drupal 9 due to the two security advisories released by Guzzle. ...more

Read Full Content
Security

Drupal 9.4.1 Released

Share

× SHARE

This is a patch (bugfix) release of Drupal 9 due to the third-party Guzzle security advisories. ...more

Read Full Content
Security

Drupal Core Composer Dependencies Security Policy Updated

Share

× SHARE

Here are the security policy updates for Drupal Core Composer Dependencies PSA-2022-06-20. ...more

Read Full Content
Security

Moderately Critical Drupal Core Security Update

Share

× SHARE

On Friday, Drupal Security Team released Moderately Critical Drupal Core Security Update for Third-party Integration Guzzle library. ...more

Read Full Content
Security

Drupal 9.3.15 Released

Share

× SHARE

Drupal 9.3.15 is a patch (bugfix) release of Drupal 9 and is ready for use on production sites. ...more

Read Full Content
Security

Fairly Critical SQL Injection Vulnerability in Anti-Spam by CleanTalk

Share

× SHARE

...more

Read Full Content
Security

Drupal 7 Moderately Critical Privilege Escalation Vulnerability in Role Delegation

Share

× SHARE

The Drupal Security team announced on March 23rd, 2022 the moderately critical Privilege escalation vulnerability in the Role Delegation project according to the Security advisory SA-CONTRIB-2022-031. ...more

Read Full Content
Security

Critical Vulnerability in Unsupported Colorbox Node Project

Share

× SHARE

The Drupal Security team announced the Colorbox Node project as unsupported on March 23rd, 2022, and therefore the vulnerability that was detected as critical according to the Security advisory SA-CONTRIB-2022-030 ...more

Read Full Content
Security

Drupal 9 Core with Moderately Critical Vulnerability in Guzzle Library

Share

× SHARE

The Drupal Security Team announced on March 21, 2022, a moderately critical vulnerability in Drupal 9 Core third party library SA-CORE-2022-006. ...more

Read Full Content
Security

Drupal 9 Core with Moderately Critical Vulnerability in Third-Party Libraries

Share

× SHARE

The Drupal Security team announced on March 16, 2022, a moderately critical vulnerability in Drupal 9 Core third-party libraries SA-CORE-2022-005. ...more

Read Full Content

Latest

ECA, FlowDrop, and Maestro Maintainers Explore Shared Drupal Automation Layer

16 June 2026
Open Source Essay Challenges Platform Consolidation and Vendor Lock-In

16 June 2026
Automated Tests Help Validate Drupal Module Update Hooks

16 June 2026

Follow @thedroptimes