Drupal Core - Remote Code Execution (CVE-2019-6340)

Drupal Core is affected by a Remote Code Execution vulnerability. The root cause of this vulnerability consists in the insufficient sanitization of user input that is sent through non-form sources. This allows a malicious unauthenticated attacker to execute arbitrary code on the server.

Drupal 核心版本受到远程代码执行漏洞的影响。该漏洞的根本原因在于对通过非表单来源发送的用户输入的清理不足，这使得恶意未认证的攻击者能够在服务器上执行任意代码。