FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

drupal -- Drupal core - Highly critical - Remote Code Execution

Affected packages
drupal8 < 8.6.10

Details

VuXML ID 002b4b05-35dd-11e9-94a8-000ffec0b3e1
Discovery 2019-02-20
Entry 2019-02-21

Drupal Security Team

Some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases..

[source]

References

CVE Name CVE-2019-6340
URL https://www.drupal.org/sa-core-2019-002

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.