Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2018-7600

Drupal | Drupal CoreAdded 2021-11-03Remediation Deadline 2022-05-03Active Ransomware Campaign

Drupal Core Remote Code Execution Vulnerability

Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-20

References