Drupal Core '.htaccess' File Security Bypass Weakness

Drupal Core '.htaccess' File Security Bypass Weakness

Drupal is prone to a security-bypass weakness.

Attackers can exploit this issue to bypass intended security restrictions and execute arbitrary code. This may aid in further attacks.

Drupal core 6.x versions prior to 6.29 and 7.x versions prior to 7.24 are vulnerable.