Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: ergophobe
joined:Nov 11, 2000
If your website runs on a self-hosted WordPress installation or on Drupal, update your software now.
Nir Goldshlager [breaksec.com], a security researcher from Salesforce.com's product security team, has discovered an XML vulnerability that impacts the popular website platforms WordPress and Drupal.
The vulnerability uses a well-known XML Quadratic Blowup Attack — and when executed, it can take down an entire website or server almost instantly....
Because of the potential vector size of this vulnerability, xxxx made sure to responsibly disclose the vulnerability to the WordPress and Drupal teams before sharing the results with the public.