CERT-In detects multiple threats with high severity in Microsoft Edge and Drupal
The HinduThe threat alert was shared in a report. It points to vulnerabilities that can be exploited by remote attackers to bypass security restrictions and execute arbitrary code or cause denial of service on the targeted systems. CERT-In has also issued vulnerability alerts for Drupal Core Drupal Core Multiple vulnerabilities have been detected in Drupal Core which can allow remote attackers to execute arbitrary code, access sensitive information, and cause cross-site scripting attacks on the targeted systems. The vulnerability can be exploited by sending specially crafted requests on the targeted systems and their successful exploitation can allow attackers to access sensitive information. The Cross site scripting vulnerability in Drupal Core exists because the Media Embed frame route does not properly validate domain parameters.