| Name | drupal_services_rce |
| CVE | CVE-2019-6340 |
| Exploit Pack | CANVAS |
| Description | CVE-2019-6340 |
| Notes | CVE Name: CVE-2019-6340 VENDOR: Drupal NOTES: An unauthenticated unserialization bug can be exploited on the RESTful Web Services module on the Drupal core for the following versions: * 7.X (Depends on enabled third party modules) * 8.5.X < 8.5.11 * 8.6.X < 8.6.10 Repeatability: Infinite References: https://www.drupal.org/sa-core-2019-003 CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-6340 Date public: 22/02/2019 |
| Learn more about the CANVAS Exploit Pack here: CANVAS |