Vulnerability Database
289,599
Total vulnerabilities in the database
Drupal core Remote Code Execution
In Drupal core, when sending email some variables were not being sanitized for shell arguments in DefaultMailSystem::mail(), which could lead to remote code execution.
| Software | From | Fixed in |
|---|---|---|
drupal / drupal
|
7.0 | 7.60 |
|
drupal / drupal
|
8.0.0 | 8.5.8 |
|
drupal / drupal
|
8.6.0 | 8.6.2 |