Drupal has released security updates to address vulnerabilities affecting H5P and the File (Field) Paths modules for Drupal 7.x. An attacker could exploit these vulnerabilities to access sensitive information and remotely execute code on the targeted system.

According to Drupal security advisories, users are recommended to install the latest version:

• If you use the H5P module for Drupal 7.x, upgrade to H5P 7.x-1.51.

• If you use the File (Field) Paths module for Drupal 7.x, upgrade to File (Field) Paths 7.x-1.2.

More information on vulnerabilities and updates is available in Drupal security advisories:

• sa-contrib-2022-064

• sa-contrib-2022-065