Lucene search
GoogleOSV:GHSA-JF8C-36VW-98X4HistoryMay 15, 2024 - 8:59 p.m.
Drupal core Remote Code Execution
2024-05-1520:59:25
Google
osv.dev
2
drupal
remote code execution
email vulnerability
defaultmailsystem
8 High
AI Score
Confidence
Low
In Drupal core, when sending email some variables were not being sanitized for shell arguments in DefaultMailSystem::mail(), which could lead to remote code execution.
8 High
AI Score
Confidence
Low