**Serial number:** AV25-204 **Date:**April 10, 2025On April 9, 2025, Drupal published security advisories to address vulnerabilities in multiple products. Included were updates for the following:* ECA : Event – Condition – Action — versions 1.2.x, versions prior to 1.1.12, version 2.0.0 to versions prior to 2.0.16 and version 2.1.0 to versions prior to 2.1.7* Panels — versions prior to 4.9.0The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.* [ECA: Event – Condition – Action – Critical – Cross site request forgery – SA-CONTRIB-2025-031](https://www.drupal.org/sa-contrib-2025-031)* [Panels – Critical – Access bypass – SA-CONTRIB-2025-033](https://www.drupal.org/sa-contrib-2025-033)* [Drupal Security Advisories](https://www.drupal.org/security)
Related Tags:
NAICS: 92 – Public Administration
NAICS: 922 – Justice
Public Order
Safety Activities
NAICS: 51 – Information
Blog: Government of Canada Alerts and Advisories
Associated Indicators: