1 matches found
Remote Code Execution (RCE).
drupal/core is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsanitized shell arguments in DefaultMailSystem::mail, which could be exploited to execute arbitrary code...