Arbitrary Code Execution Vulnerability in Drupal Core 8.

Arbitrary Code Execution Vulnerability in Drupal Core 8.

CVE-2017-6920 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations.

Learn more about our Web Application Penetration Testing UK.