Description
A vulnerability in multiple subsystems of Drupal allows remote attackers to execute arbitrary operating system commands on the server, leading to potential compromise of the affected system.
Recommendation
Mitigate the risk by upgrading Drupal to the latest stable version that includes patches for the vulnerability.
References
Related Issues
- Apache 2.4.49 Path Traversal and RCE - CVE-2021-41773, CVE-2021-42013
- Apache Struts 2 Forced double OGNL evaluation S2-059 - CVE-2019-0230
- Apache Struts 2 RCE S2-045 - CVE-2017-5638
- Apache Struts 2 REST plugin XStream RCE S2-052 - CVE-2017-9805
- Tags:
- RCE
- Drupal
- Injection
Anything's wrong? Let us know Last updated on May 13, 2024