Drupal developers have released updates for versions 7 and 8 to address security flaws that can lead to information disclosure, cache poisoning, redirection to third-party sites and a denial-of-service (DoS) condition.