CVE-2024-11942
CVSS 3.1 Score 5.9 of 10 (medium)
Details
Published Dec 5, 2024
CWE ID 390
Summary
CVE-2024-11942 is a newly disclosed vulnerability affecting Drupal Core versions prior to 10.2.10. This issue grants attackers the ability to manipulate files, posing a significant security risk. The flaw in Drupal's core functionality allows unauthorized modification or creation of files, potentially leading to data breaches or unintended system changes. The vulnerability is critical and requires immediate attention from Drupal site administrators by upgrading to a patched version or applying appropriate security measures.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Drupal
Affected Vendors
- Drupal