Skip to main content

Drupal Remote Code Execution Vulnerability

Release Date: 22 Jan 2021 7317 Views

RISK: Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

A vulnerability was identified in Drupal, a remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.


Impact

  • Remote Code Execution

System / Technologies affected

  • Drupal 7
  • Drupal 8.9
  • Drupal 9.0
  • Drupal 9.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Drupal 7: Update to Drupal 7.78
  • Drupal 8.9: Update to Drupal 8.9.13
  • Drupal 9.0: Update to Drupal 9.0.11
  • Drupal 9.1: Update to Drupal 9.1.3

Vulnerability Identifier


Source


Related Link