CVE-2024-13268

Name of the Vulnerable Software and Affected Versions Drupal Opigno versions 7.X-1.0 through 7.X-1.23

Description The issue is related to improper neutralization of directives in statically saved code, also known as 'Static Code Injection', which allows PHP Local File Inclusion. This can be exploited by a remote attacker to execute arbitrary code.

Recommendations For versions 7.X-1.0 through 7.X-1.23, update to version 7.X-1.23 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.