2 matches found
PT-2024-40345 · Unknown · Contextual Links
Name of the Vulnerable Software and Affected Versions: Contextual Links module affected versions not specified Description: The issue arises from insufficient validation of requested contextual links by the Contextual Links module. However, the risk is mitigated because an attacker would need to...
Critical RCE Bugs Patched in Drupal 7 and 8
Drupal is urging users to upgrade to the latest release that fixes two critical remote code execution bugs impacting Drupal 7 and Drupal 8. Developers have also identified three additional “moderately critical” vulnerabilities. “A remote attacker could exploit some of these vulnerabilities to tak...