vulnerability
FreeBSD: VID-89CA6F7D-4F00-11E8-9B1D-00E04C1EA73D: drupal -- Drupal Core - Multiple Vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Apr 25, 2018 | May 4, 2018 | Feb 19, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Apr 25, 2018
Added
May 4, 2018
Modified
Feb 19, 2025
Description
Drupal Security Team reports:
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x.
This potentially allows attackers to exploit multiple attack vectors on a Drupal site,
which could result in the site being compromised. This vulnerability is related to
Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002.
Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.
Solutions
freebsd-upgrade-package-drupal7freebsd-upgrade-package-drupal8
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.