Drupal is one of the most versatile CMS of today and with which many of the web pages that we visit daily are built. As per the definition given on its official website, “Drupal is content management software. It is used to create many of the webs and applications of daily use”.
With a flexible and modular system, Drupal has managed to impress developers when they have to design a web page that is easy to use for the common user.
Being Drupal one of the most widely used CMS worldwide, it must have a reliable security protocol, with which its users can rest assured that their information and data will not be compromised.
In the most recent update of this versatile technology, some security patches were alerted that presented flaws, in addition to improving the writing of code, a key aspect for all Drupal developers.
In Security Week magazine they detailed “Drupal has published four notices that describe four types of vulnerabilities. One of them has been qualified as "critical" and the other three as "moderately critical". Drupal uses the NIST Common Abuse Scoring System to rate vulnerabilities, rather than CVSS, and flaws are graded "less critical," "moderately critical," "critical," and "highly critical."
The magazine's Drupal specialists went on to say “The 'critical' vulnerability, tracked as CVE-2022-25277, affects Drupal 9.3 and 9.4. The issue affects Drupal core and can lead to the execution of arbitrary PHP code on Apache web servers when uploading specially crafted files. The Drupal developers noted that only Apache web servers are affected and only with specific configurations. They have advised website administrators to check their server for possible signs of compromise."
Drupal is one of the most used CMS by companies and developers to build their web pages, but it has strong competition: WordPress. The CMS par excellence of bloggers and news portals has established itself strongly in the world of the internet.
Drupal and WordPress have marked differences and here we will review the most important ones, leaving it up to the developer which one to use for their project:
These are the main differences between both CMS, leaving it up to developers which one best suits their needs. At Rootstack, we have experts in both technologies who can take on any project that comes their way.