Brute force amplification attacks via XML-RPC

PKSA-q6pn-qvfp-f7kp CVE-2016-3163

Affected package: drupal/drupal

Affected version: >=8.0,<8.0.4

Reported by:
FriendsOfPHP/security-advisories