A critical security flaw has been found in Drupal’s content management system, affecting more than a million websites.

The bug affects pages using Drupal 8, 7 and 6 versions. The administrators of these websites should update the site immediately.

Update 7.58 or 8.5.1, officially discontinued support for older version 6 but must manually add security patch code.

Due to the error, the page visitor can gain access to the page settings, change the content there and also delete the data.


Article source: https://www.veebimajutus.ee/blogi/drupali-turvuuuendus