Millions of WordPress and Drupal websites around the world need an immediate upgrade because of a security vulnerability. The vulnerability is exploited through an XML Quadratic Blowup attack, a variant of the well-known Billion Laughs attack. If executed, this attack can cause complete central processing unit (CPU) and memory failure, leading to denial of service (DoS) and leaving sites unavailable and unresponsive.
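As an added illustration (not code from the original article, WordPress or Drupal), the sketch below shows a defensive pre-parse check that estimates how large an XML document becomes after internal entity expansion, without expanding anything. It covers both the quadratic case (one large entity referenced many times) and nested Billion Laughs entities; the names `expanded_size` and `should_reject`, the size limit and the sample document are assumptions made for this example.

```python
import re

DOCTYPE = re.compile(r'<!DOCTYPE[^\[>]*\[(.*?)\]\s*>', re.S)
# Internal general entities only; parameter and external (SYSTEM/PUBLIC) entities are out of scope.
ENTITY_DECL = re.compile(r'<!ENTITY\s+([\w.\-]+)\s+(["\'])(.*?)\2\s*>', re.S)
ENTITY_REF = re.compile(r'&([\w.\-]+);')

def expanded_size(xml_text):
    """Size in characters after entity expansion, computed without expanding."""
    m = DOCTYPE.search(xml_text)
    decls = {}
    for d in ENTITY_DECL.finditer(m.group(1) if m else ""):
        decls.setdefault(d.group(1), d.group(3))  # XML keeps the first declaration
    body = xml_text[m.end():] if m else xml_text
    memo = {}

    def text_size(text, stack):
        literal = len(ENTITY_REF.sub("", text))
        return literal + sum(entity_size(n, stack) for n in ENTITY_REF.findall(text))

    def entity_size(name, stack):
        if name not in decls:
            return 1  # predefined (&amp; etc.) or undeclared: counted as one character
        if name in stack:
            raise ValueError("recursive entity: " + name)
        if name not in memo:  # each entity is measured once, however often it is referenced
            memo[name] = text_size(decls[name], stack + (name,))
        return memo[name]

    return text_size(body, ())

def should_reject(xml_text, max_expanded=1_000_000):
    """True if the expanded size exceeds the limit or an entity is recursive."""
    try:
        return expanded_size(xml_text) > max_expanded
    except ValueError:
        return True

# Constructed sample: one 1,000-character entity referenced 200 times.
SAMPLE = ('<?xml version="1.0"?>\n<!DOCTYPE d [\n<!ENTITY a "' + "x" * 1000 +
          '">\n]>\n<d>' + "&a;" * 200 + "</d>")

if __name__ == "__main__":
    print(len(SAMPLE), expanded_size(SAMPLE), should_reject(SAMPLE, 100_000))
```

A regex-based estimate like this is a screening step only; the robust mitigation is a parser configured to limit or disable entity expansion.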