Security risk: *Critical* 18∕25
Vulnerability: Remote Code Execution
The Media module provides an extensible framework for managing files and multimedia assets, regardless of whether they are hosted on your own site or a third party site.
The module contained a vulnerability similar to SA-CORE-2018-004, leading to a possible remote code execution (RCE) attack.
Install the latest version:
* If you use the Media module for Drupal 7.x-2.x, upgrade to Media 7.x-2.19