Description
Drupal Core is prone to multiple vulnerabilities, including cross-site request forgery and security bypass vulnerabilities. Exploiting these issues could allow an attacker to perform certain administrative actions and gain unauthorized access to the affected application or to perform otherwise restricted actions and subsequently modify users' information or download files. Drupal Core versions 7.x ranging from 7.0 and up to and including 7.10 are vulnerable.
Remediation
Update to Drupal Core version 7.11 or latest