Secunia Security Advisory – Debian has issued an update for drupal6. This fixes some vulnerabilities, which can be exploited by malicious users to disclose sensitive information and bypass certain security restrictions, and by malicious people to disclose sensitive information and conduct cross-site scripting attacks.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/82559/sa37260.txt
Source: https://packetstormsecurity.com/files/82559/Secunia-Security-Advisory-37260.html