Skip to main content

Drupal Remote Code Execution Vulnerability

Last Update Date: 19 Nov 2020 10:20 Release Date: 19 Nov 2020 5216 Views

RISK: Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

A vulnerability was identified in Drupal, a remote user could exploit this vulnerability to trigger remote code execution on the targeted system.


Impact

  • Remote Code Execution

System / Technologies affected

  • Drupal 7
  • Drupal 8.8 or earlier
  • Drupal 8.9
  • Drupal 9.0

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Drupal 7: Update to Drupal 7.74
  • Drupal 8.8 or earlier: Update to Drupal 8.8.11
  • Drupal 8.9: Update to Drupal 8.9.9
  • Drupal 9.0: Update to Drupal 9.0.8

Vulnerability Identifier


Source


Related Link