Drupal core – Highly Critical Vulnerability
Drupal has sent out a notification about new highly critical issues with the Drupal core. This means that anyone running Drupal should update as soon as possible.
Advisory ID: DRUPAL-SA-CORE-2013-003
Project: Drupal core
Version: 6.x, 7.x
Date: 2013-November-20
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities
More information: https://drupal.org/security