Drupal sites vulnerable to double-extension attacks | ZDNet
The team driving the Drupal material administration program (CMS) has unveiled protection updates to patch a significant vulnerability that can grant attackers complete handle around vulnerable web sites.
