CVE-2016-3163: Brute force amplification attacks via XML-RPC

April 12, 2016 (updated April 18, 2016)

The XML-RPC system in Drupal might make it easier for remote attackers to conduct brute-force attacks via a large number of calls made at once to the same method.

References

www.drupal.org/SA-CORE-2016-001

Code Behaviors & Features

Detect and mitigate CVE-2016-3163 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →