Threat Advisories - NVD Disclosed November 20, 2020

CVE-2020-13671

Drupal Core File Upload Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Drupal core affects file upload processing, potentially allowing incorrect file execution or MIME type serving. This impacts organizations using Drupal, posing a risk to system integrity and data.

NVD published: November 20, 2020 • CISA KEV