CVE-2018-7602: Drupal Core Remote Code Execution Vulnerability. A remote
Drupal Core Remote Code Execution Vulnerability. A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.
- CISA KEV-listed (remediation due 2022-05-04)
- used in ransomware campaigns
- EPSS 94.4% (100.0% percentile)