Drupal has patched two Moderately Critical HTML processing and denial of service vulnerabilities (CVE-2022-24728 and CVE-2022-24729) that affect multiple versions of Drupal Core.
WordPress has released WordPress 5.8.1 security and maintenance update that includes fixes for 3 security vulnerabilities and 60 bugs. All WordPress versions between 5.4 and 5. 8 are affected.
Cybersecurity researchers have discovered a series of chained Atlassian vulnerabilities that could have allowed an attacker to take over an Atlassian account connected via SSO and control Atlassian applications.
Drupal has patched a Moderately Critical cross-site scripting (XSS) vulnerability in Drupal Core.
Drupal has patched a Critical cross-site scripting (XSS) vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to compromise an affected system.
A WordPress plugin WPBakery Authenticated Stored Cross-Site Scripting (XSS) vulnerability has exposed over 4M sites.
Drupal has released security updates that fix a Critical XSS bug and 4 other vulnerabilities in multiple versions of Drupal. A remote attacker could exploit these vulnerabilities to compromise an affected system.
Palo Alto Networks has fixed a Critical buffer overflow vulnerability that could allow an attacker to execute remote code as root on PAN-OS devices, along with multiple other High severity issues.
Adobe has released security updates to address vulnerabilities in Magento Commerce 1 and Magento Open Source 1. The company also warned that older Magento 1.x versions will be end of life (EOL) and no longer get software support after this patch update.
WordPress has released WordPress 5.4.2 security and maintenance update that includes fixes for multiple security issues and bugs. All WordPress versions 5.4.1 and earlier are affected.