Skip to main content

Drupal

New Malware Injection Method: PDF Upload Fields

Recently we discovered a new threat affecting our Drupal website clients, specifically those with web forms (also known as the webform module) that contain a file upload field. It is not uncommon for a site to collect a file such as an image or PDF via their website to better communicate with their visitors. Because this is a standard feature and often open to the public, it has become a target for malware. This particular threat involves the upload of a PDF through a web form.

Subscribe to Drupal