Drupal Releases Critical Security Updates

Original release date: March 28, 2018

Drupal has released critical updates addressing a vulnerability in Drupal 8, 7, and 6.  A remote attacker could exploit this vulnerability to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review Drupal’s Security Advisory and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.