Drupal has released updates to address multiple vulnerabilities, one of which could allow a remote attacker to gain access to a system account.
Available updates include:
* Drupal core 6.35 for 6.x users
* Drupal core 7.35 for 7.x users
US-CERT encourages users and administrators to review Drupal’s Security Advisory and apply the necessary updates.