Security Advisories - PKSA-mhgf-dg9m-23xj - Packagist

PKSA-mhgf-dg9m-23xj Security Advisory

[MEDIUM] Injection in DefaultMailSystem::mail() - Critical - Remote Code Execution

PKSA-mhgf-dg9m-23xj GHSA-6ccv-8fgf-cjpw

Affected package: drupal/core

Affected version: >=7.0,<7.60|>=8.0.0,<8.1.0|>=8.1.0,<8.2.0|>=8.2.0,<8.3.0|>=8.3.0,<8.4.0|>=8.4.0,<8.5.0|>=8.5.0,<8.5.8|>=8.6.0,<8.6.2

Reported by:
FriendsOfPHP/security-advisories, GitHub