Drupal: CVE-2014-5266 : SA-CORE-2014-004 - Drupal core - Denial of service
|5||(AV:N/AC:L/Au:N/C:N/I:N/A:P)||August 18, 2014||August 02, 2017||August 02, 2017|
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of elements in an XML document, which allows remote attackers to cause a denial of service (CPU consumption) via a large document, a different vulnerability than CVE-2014-5265.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities