Drupal addressed CVE-2020-13671 Remote Code Execution flaw
Security Affairs
NOVEMBER 19, 2020
The vulnerability could be exploited by an attacker by uploading files with certain types of extensions (phar, php, pl, py, cgi, html, htm, phtml, js, and asp) to the server to achieve remote code execution. The vulnerability, tracked as CVE-2020-13671, has been classified as critical according to the NIST Common Misuse Scoring System.
Let's personalize your content