CVE-2020-13671
Drupal core Un-restricted Upload of File
Improper sanitization in the extension file names is present in Drupal core. Vendor/Product: Drupal Drupal core. Added to CISA KEV 2022-01-18; required action: Apply updates per vendor instructions.