Advisories

Drupal core – Critical – Remote code execution – SA-CORE-2020-012

Acaban de soltarlo, critica … 17 sobre 25. Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations.

https://www.drupal.org/sa-core-2020-012

Deja un comentario

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.