Skip to main content

Vulnerability in the Drupal content management system

The ACSC has become aware of a critical vulnerability in the Drupal content management system. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.

Alert status
CRITICAL

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.

Was this information helpful?
Was this information helpful?

Thanks for your feedback!

 
Optional

Tell us why this information was helpful and we’ll work on making more pages like it