Drupal Form API Ajax Requests Remote OS Command Injection Exploit

Drupal is prone to an OS command injection vulnerability that allows attackers to take advantage of an improper validation of user-supplied data in the Form API Ajax Requests.
Platform: 
Vulnerabilty ID: 
CVE-2018-7600
Released Date: 
Wednesday, April 18, 2018 - 19:00