Highly critical – Remote code execution on #Drupal 7.x

This module enables you to expose #Drupal entities as RESTful web services.

RESTWS alters the default page callbacks for entities to provide additional functionality.

A #vulnerability in this approach allows an attacker to send specially crafted requests resulting in arbitrary #PHP execution.

There are no mitigating factors. This vulnerability can be exploited by anonymous users.

More info: https://s.ibscc.net/LqXJM

Share on telegram
Share on whatsapp
Share on facebook
Share on twitter
Share on linkedin
Share on email

internet business solutions