Security Vulnerabilities: SA-CORE-2018-006 - Drupal 7.x & Drupal 8.x

SA-CORE-2018-006 - Multiple Vulnerabilities in Drupal 7 & 8

Popular CMS platform Drupal have just announced that versions of Drupal 7 prior to 7.60 and Drupal 8 prior to 8.5.8 and/or 8.6.2 are affected by SA-CORE-2018-006. For more info on the vulnerabilities, please see the relevant Drupal advisory.

Drupal SA-CORE-2018-002 - Highly critical - Remote Code Execution vulnerability

Late last week, the Drupal Security Team announced a "Highly critical" remote code execution vulnerability that affects Drupal 6 (EOL), Drupal 7 and Drupal 8. SA-CORE-2018-002 dubbed "Drupalgeddon2" was discovered by Jasper Mattsson. Drupal scores it a whopping 21 (out of a possible 25) "Security Risk Level". All users are recommended to update their Drupal sites immediately.