image credit: Pxhere

Remote Code Execution Vulnerability Patched in Drupal

November 19, 2020

The vulnerability, tracked as CVE-2020-13671, has been classified as critical, but it’s worth mentioning that Drupal uses the NIST Common Misuse Scoring System, which assigns vulnerabilities a score ranging between 0 and 25, with “critical” being only the second highest rating, after “highly critical.”

An attacker who can upload files to a server can use certain types of extensions to bypass restrictions and get malicious code executed.

Read More on Security Week