Drupal has released security updates to address security vulnerabilities affecting Drupal versions 7, 10.2, 10.3 and 11.0. An attacker could exploit these vulnerabilities to trigger cross-site scripting and security restriction bypass on the targeted system.

According to Drupal security advisories, users are recommended to install the latest version:

• If you are using Drupal 7, update to Drupal 7.102.

• If you are using Drupal 10.2, update to Drupal 10.2.11.

• If you are using Drupal 10.3, update to Drupal 10.3.9.

• If you are using Drupal 11.0, update to Drupal 11.0.8.

More information on vulnerabilities and updates is available in Drupal security advisories:

• SA-CORE-2024-003

• SA-CORE-2024-004

• SA-CORE-2024-008