Critical Vulnerability in Drupal Core

A dangerous vulnerability has been identified in Drupal Core, one of the most widely used content management systems (CMS) worldwide. Exploiting it allows attackers to run malicious script in users’ browsers. The flaw lies in the Overlay module shipped with Drupal 7 and results in a cross-site scripting (XSS) issue, which poses a significant threat to site users and to the websites themselves.

Here is a summary of the vulnerability:

  • Vulnerability Identifier: SA-CORE-2024-005
  • Type: Reflected Cross-Site Scripting (XSS)
  • Severity: Critical
  • Description: The Overlay module in Drupal 7 fails to properly sanitize user input. Attackers can exploit this flaw to execute malicious JavaScript code in the victim’s browser.

Consequences of Exploiting the Vulnerability:

  1. Theft of sensitive information, including session tokens and cookies.
  2. Unauthorized actions performed on behalf of the victim.
  3. Modification of the website’s appearance to conduct phishing attacks.

Affected Versions
This vulnerability only affects the following versions:

  • All versions prior to Drupal 7.102.

Recommended Mitigations
Users of Drupal are advised to take the following actions:

  1. Drupal 7 users should update their system to version 7.102 or higher.
  2. Disabling the Overlay module also fully mitigates the issue.
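A quick triage script for the two mitigation steps above, added here as an example rather than taken from the advisory or from the Drupal project: it reads the VERSION constant that Drupal 7 defines in includes/bootstrap.inc and the rows of the Drupal 7 `system` table, and reports a site as exposed only when the core is older than 7.102 and the Overlay module is enabled. The bootstrap.inc text and the table rows below are constructed sample data.

```python
import re

# Drupal 7 declares its release in includes/bootstrap.inc, e.g. define('VERSION', '7.101');
VERSION_RE = re.compile(r"define\(\s*'VERSION'\s*,\s*'([^']+)'\s*\)")
FIXED_IN = (7, 102)  # SA-CORE-2024-005 is fixed in Drupal 7.102

# Constructed sample input: a vulnerable release with the Overlay module still enabled.
SAMPLE_BOOTSTRAP_INC = "<?php\ndefine('VERSION', '7.99');\ndefine('DRUPAL_CORE_COMPATIBILITY', '7.x');\n"
SAMPLE_SYSTEM_ROWS = [  # constructed rows from the Drupal 7 `system` table (name, type, status)
    {"name": "system", "type": "module", "status": 1},
    {"name": "overlay", "type": "module", "status": 1},
    {"name": "bartik", "type": "theme", "status": 1},
]


def parse_drupal7_version(bootstrap_inc):
    """Return the VERSION constant of a numbered release as a (major, minor) int tuple.
    Comparing numerically matters: as strings, '7.99' sorts after '7.102'."""
    m = VERSION_RE.search(bootstrap_inc)
    if not m:
        raise ValueError("no VERSION constant found in bootstrap.inc")
    major, minor = m.group(1).split("-", 1)[0].split(".", 1)  # drop suffixes such as -dev
    return int(major), int(minor)


def core_is_vulnerable(version):
    """True for any Drupal 7 release older than the fixed version."""
    return version[0] == 7 and version < FIXED_IN


def overlay_enabled(system_rows):
    """True if the `system` table lists the overlay module with status 1 (enabled)."""
    return any(r["name"] == "overlay" and r["type"] == "module" and int(r["status"]) == 1
               for r in system_rows)


def assess(bootstrap_inc, system_rows):
    """Combine both checks: the advisory states exploitation requires an enabled Overlay
    module, so a site is exposed only when core is unpatched AND Overlay is enabled."""
    version = parse_drupal7_version(bootstrap_inc)
    vulnerable = core_is_vulnerable(version)
    enabled = overlay_enabled(system_rows)
    return {"version": "%d.%d" % version, "core_vulnerable": vulnerable,
            "overlay_enabled": enabled, "exposed": vulnerable and enabled}


if __name__ == "__main__":
    print(assess(SAMPLE_BOOTSTRAP_INC, SAMPLE_SYSTEM_ROWS))
```

On a live site the same rows come from `SELECT name, type, status FROM system WHERE type = 'module'`, and an "exposed" result means either action from the list applies.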

Additional Information

  • Drupal 8, 10, and 11 are not affected by this vulnerability because the Overlay module was removed from those versions of Drupal.
  • The vulnerability can only be exploited if the Overlay module is enabled and the user has administrative access.

Conclusion and Recommendations
To reduce the risks associated with this vulnerability, users of affected Drupal versions should update their systems as soon as possible.

Regular system updates and addressing vulnerabilities are the most effective ways to ensure security. Drupal users should remain vigilant and monitor the security status of their systems.
