Retired: Drupal Preview Comments Remote Command Execution Vulnerability

Retired: Drupal Preview Comments Remote Command Execution Vulnerability

Drupal is prone to a remote command-execution vulnerability because the application fails to properly sanitize user-supplied input.

Exploiting this issue allows attackers to execute arbitrary commands in the context of the webserver.

A successful exploit could facilitate the compromise of an affected computer; other attacks are also possible.

NOTE: This BID is being retired because this issue was addressed in BID 22306 (Drupal Comment_Form_Add_Preview Function Remote Code Execution Vulnerability).