Drupal Remote Code Execution Vulnerability Archives

Drupal Remote Code Execution Vulnerability (CVE-2020-13671) Threat Alert

Por adminPostou 11 de dezembro de 2020

Overview On November 19, 2020 (Beijing time), Drupal released a security advisory that fixes a remote code execution vulnerability (CVE-2020-13671). Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or...

Drupal Remote Code Execution Vulnerability Threat Alert

Por adminPostou 24 de outubro de 2018

Overview Recently, Drupal released an official security advisory to announce the fixes for multiple security issues, including two critical remote code execution vulnerabilities which affect Drupal 7 and 8. The two critical vulnerabilities are described as follows: (mais…)