CVE-2018-7600: Drupal Core Remote Code Execution Vulnerability. Drupal
Drupal Core Remote Code Execution Vulnerability. Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.
- CISA KEV-listed (remediation due 2022-05-03)
- used in ransomware campaigns
- EPSS 94.5% (100.0% percentile)