FreeBSD : drupal -- PHP code execution vulnerabilities (f241641e-f5ea-11d9-a6db-000d608ed240)
High Nessus Plugin ID 19359
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionKuba Zygmunt discovered a flaw in the input validation routines of Drupal's filter mechanism. An attacker could execute arbitrary PHP code on a target site when public comments or postings are allowed.
SolutionUpdate the affected package.