Remote Code Execution
Affecting drupal/drupal package, versions >=7.0.0, <7.60 || >=8.0.0, <8.5.8 || >=8.6.0, <8.6.2
drupal/drupal is an open source content management platform powering millions of websites and applications.
Affected versions of this package are vulnerable to Remote Code Execution via the contextual links module due to insufficient validation.
drupal/drupal to versions 7.60, 8.5.8, 8.6.2 or higher.
- Nick Booher
- Snyk ID
- 17 Oct, 2018
- 22 Oct, 2018