From 6184400f514de122cb88d9b41d85758d369e9b37 Mon Sep 17 00:00:00 2001
From: ophirharpazg <ophir.harpaz@guardicore.com>
Date: Mon, 31 Aug 2020 17:55:24 +0300
Subject: [PATCH] mention Drupal REST API requirement

---
 .../ui/src/components/report-components/SecurityReport.js  | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
index d5bfff63a..250f90546 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
@@ -793,10 +793,9 @@ class ReportPageComponent extends AuthComponent {
           className="badge badge-info" style={{margin: '2px'}}>{issue.ip_address}</span>) is vulnerable to <span
           className="badge badge-danger">remote command execution</span> attack.
           <br/>
-          The attack was made possible because the server is using an old version of Drupal.
-          For possible workarounds and more info read <a
-          href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6340"
-        >here</a>.
+          The attack was made possible because the server is using an old version of Drupal, for which REST API is
+          enabled. For possible workarounds and more info read
+          <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6340">here</a>.
         </CollapsibleWellComponent>
       </>
     );