Drupal security advisory-CVE-2020-13671
NAME
Drupal – Drupal
- Platforms Affected:
Drupal - Risk Level:
low - CVE Type:
Unrestricted file upload
DESCRIPTION
CVE-2020-13671 is an unrestricted file upload vulnerability impacting Drupal versions 7.0 through 7.73, 8.8 through 8.8.10, 8.9 through 8.9.8, and 9.0 through 9.0.7. A proof of concept (PoC) was not observed publicly or in the underground.
CVSS Information:
- CVSS 2.0 SCORE: 6.5
- CVSS 3.0 SCORE: 8.8
- Exploit Disclosed in the Public:
true - Exploit Weaponised:
- PoC Link:
MITIGATION
Drupal addressed the vulnerability in a security advisory with updated versions.
- Reference Link:
https://www.drupal.org/sa-core-2020-012 - Patch Available:
available
If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.