Drupal has released security updates to address security vulnerabilities affecting Drupal versions 10.3, 10.4, 11.0 and 11.1. An attacker could exploit these vulnerabilities to trigger remote code execution, cross-site scripting and security restriction bypass on the targeted system.

According to Drupal security advisories, users are recommended to install the latest version:

• If you are using Drupal 10.3, update to Drupal 10.3.13.
• If you are using Drupal 10.4, update to Drupal 10.4.3.
• If you are using Drupal 11.0, update to Drupal 11.0.12.
• If you are using Drupal 11.1, update to Drupal 11.1.3.

More information on vulnerabilities and updates is available in Drupal security advisories:

• SA-CORE-2025-001;
• SA-CORE-2025-002;
• SA-CORE-2025-003.