Original release date: October 29, 2014 | Last revised: October 30, 2014

Drupal released a public service announcement to address active exploitations of a previously patched vulnerability found in Drupal core 7.x versions prior to 7.32.

US-CERT advises users and administrators to review Drupal’s Public Service announcement and apply the necessary updates or workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.