SA-CORE-2012-002 - Drupal core multiple vulnerabilities

http://drupal.org/node/1557938

Drupal core 7.13 was updated to correct several security issues including:

* Denial of Service (CVE: CVE-2012-1588)
* Unvalidated form redirect (CVE: CVE-2012-1589)
* Access bypass - forum listing (CVE: CVE-2012-1590)
* Access bypass - private images (CVE: CVE-2012-1591)
* Access bypass - content administration (CVE: CVE-2012-2153)

It is recommended that Core 7 users update to 7.13. Although not affected, Core 6 users should be using version 6.23 to avoid the vulnerabilities found in February.

Thanks,
Brian