Drupal Critical Flaw Exposes Million Websites to Attacks. A highly critical vulnerability exposing a million of Drupal based websites to exploit and full control. Jasper Mattsson have discovered a serious remove code execution flaw that affects Drupal content management system version 7,7, and 8. The websites can be hacked by an unauthenticated and remote attacker.
The CVE-2018-7600 is the tracked security hole that is of risk score 21/25 and can be easily exploited by accessing a certain page of the Drupal based site.