Administrators of the Drupal open source content management platform are rushing to install an emergency patch issued today to fix a “highly critical” SQL injection vulnerability in the application’s core. While the vulnerability only affects websites that use the PostgreSQL database, there may be upstream issues with Symfony, a set of PHP packages and web application frameworks used by Drupal, and Twig, an open-source template engine for the PHP programming language. Consequently, Twig was u...

Read the original article