A critical vulnerability has been found in a Drupal module used by many websites. While the flaw has been fixed, Drupal developers initially advised users to migrate as the affected module had not been updated for several years.
Article Link: http://feedproxy.google.com/~r/Securityweek/~3/VcFOK_c2Ir8/flaw-drupal-module-exposes-120000-sites-attacks