Recently, Drupal released a patch for a critical remote code execution vulnerability (SA-CORE-2019-003), tracked as CVE-2019-6340. This vulnerability can be easily exploited by a remote attacker to execute arbitrary code on the targeted system when the RESTful Web Services module is enabled and the GET, POST, PATCH or POST method request is allowed. This isn’t … Continue reading “Drupal Remote Code Execution Vulnerability (SA-CORE-2019-003)”