Drupal Remote Code Execution Vulnerability

Drupal Remote Code Execution Vulnerability (CVE-2020-13671) Threat Alert

dezembro 11, 2020

Overview

On November 19, 2020 (Beijing time), Drupal released a security advisory that fixes a remote code execution vulnerability (CVE-2020-13671). Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations.

(mais…)

Drupal Remote Code Execution Vulnerability Threat Alert

outubro 24, 2018

Overview

Recently, Drupal released an official security advisory to announce the fixes for multiple security issues, including two critical remote code execution vulnerabilities which affect Drupal 7 and 8.

The two critical vulnerabilities are described as follows: (mais…)

Search

Inscreva-se no Blog da NSFOCUS