
Drupal Arbitrary PHP Code Execution Vulnerability

Drupal is prone to a vulnerability that permits the execution of arbitrary PHP code. This issue is due to a failure in the application to properly sanitize user-supplied input.

The application's filter mechanism fails to properly sanitize user-supplied input to 'comments' and 'postings'.

The vendor has addressed this issue in Drupal versions 4.6.2 and 4.5.4; earlier versions are reported vulnerable.







 

Copyright 2008, SecurityFocus