Media: oEmbed - Critical - Remote Code Execution - SA-CONTRIB-2020-036

Project: Media: oEmbedDate: 2020-November-18Security risk: Critical 17∕25 AC:Basic/A:User/CI:All/II:All/E:Theoretical/TD:DefaultVulnerability: Remote Code ExecutionDescription: Media oEmbed does not properly sanitize certain filenames as described in SA-CORE-2020-012.Solution: Install the latest version:

Reported By: 

Fixed By: 

Coordinated By: 

Path to article https://www.drupal.org/sa-contrib-2020-036