From 1b0ab5555418cc5d1828d56cd22a268ec4c03534 Mon Sep 17 00:00:00 2001 From: MarketingYeti <77474444+MarketingYeti@users.noreply.github.com> Date: Fri, 26 Feb 2021 09:49:43 -0500 Subject: [PATCH] docs: Update Drupal.md --- docs/content/reference/exploiters/Drupal.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/content/reference/exploiters/Drupal.md b/docs/content/reference/exploiters/Drupal.md index df600b2cb..5763b0ca8 100644 --- a/docs/content/reference/exploiters/Drupal.md +++ b/docs/content/reference/exploiters/Drupal.md @@ -18,7 +18,7 @@ This can lead to arbitrary PHP code execution in some cases. ### Affected Versions -* Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. +* Drupal 8.5.x (before 8.5.11) and Drupal 8.6.x (before 8.6.10). One of the following conditions must hold: * The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH @@ -32,4 +32,4 @@ Drupal 8, or Services or RESTful Web Services in Drupal 7. * The Infection Monkey exploiter implementation is based on an open-source [Python implementation](https://gist.github.com/leonjza/d0ab053be9b06fa020b66f00358e3d88/f9f6a5bb6605745e292bee3a4079f261d891738a) of the exploit by @leonjza. -* For the full attack to work, more than one vulnerable URL is required. \ No newline at end of file +* For the full attack to work, more than one vulnerable URL is required.