Drupal has released it’s latest batch of updates 7.39 and 6.37 amidst security vulnerabilities that are now remedied by the new versions. Both Drupal 6 and 7 contained multiple security vulnerabilities but with the new updates the company is urging users to use the updates and protect themselves from further damage.
“Upgrading your existing Drupal 7 and 6 sites is strongly recommended. There are no new features or non-security-related bug fixes in these releases,” said the company in their release.
Some of the vulnerabilities that were listed by the company include, Cross-site scripting Ajax system, autocomplete system, SQL injection, cross-sit request forgery (API), information disclosure in menu links (Access System) and other smaller vulnerabilities, according to Drupal.
“The Ajax system now validates URLs before making an Ajax request. Existing code which uses the Drupal Ajax API in any of the standard ways should continue to work after this update,” said Drupal in their explanation of updates since 7.38.
The company is urging users to take advantage of the updates in order to make sure they avoid damage through the security holes in 7.38 and 6.36.
Read the full story.