Drupal Security Advisories
This module enables you to collapse your sites main menu on mobile, and show a menu toggle button.
The module doesn't sufficiently sanitize configuration settings provided by users which leads to a Cross Site Scripting (XSS...
This module enables Drupal to synchronize entities with Salesforce records. The module includes a page that does not sufficiently protect access rights, resulting in potential information disclosure.
This vulnerability is mitigated by the fact that only Drupal...
The Password Policy module makes it possible to set constraints on user passwords which disallow certain passwords.
The "digit placement" constraint is vulnerable to Denial of Service attacks if an attacker submits specially crafted...
This articles features links and information from the Peerless design Security presentation from various Drupal Camps in the Eastern US. Audio from New Jersey's impromptu presentation can be found on the Drupal Camp NJ site for 2014. The PDF version contains all info removed to accommodate time constraints. The entire presentation is available in a white paper available here.
Drupal Weekly Drop
This will be the final issue of TheWeeklyDrop for 2018. I'll be taking some time off to spend with family. I hope you all have a wonderful month and I'll be back in 2019.
I'm back after taking the week off for the Thanksgiving holiday here in the U.S and this issue is packed full of goodness.
Drupal has evolved significantly over the course of its long history. When I first built the Drupal project eighteen years ago, it was a message board for my friends that I worked on in my spare time. Today, Drupal runs two percent of all websites on the internet with the support of an open-source community that includes hundreds of thousands of people from all over the world.
Today, Drupal is going through another transition as its capabilities and applicability continue to expand...