Drupal Remote Code Execution Vulnerabilities
Last Update Date:
30 Nov 2020 10:04
Release Date:
30 Nov 2020
4971
Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in Drupal, a remote user could exploit some of these vulnerabilities to trigger remote code execution on the targeted system.
Impact
- Remote Code Execution
System / Technologies affected
- Drupal 7
- Drupal 8.8 or earlier
- Drupal 8.9
- Drupal 9.0
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Drupal 7: Update to Drupal 7.75
- Drupal 8.8 or earlier: Update to Drupal 8.8.12
- Drupal 8.9: Update to Drupal 8.9.10
- Drupal 9.0: Update to Drupal 9.0.9
Vulnerability Identifier
Source
Related Link
Share with