Drupal is calling upon its users to patch a dangerous remote code execution hole that can easily let attackers hijack sites. The content management system has some 15 million downloads, compared to WordPress with 140 million and Joomla with 30 million. Drupal is deployed on big ticket and business sites including nine percent of the world’s 10,000 most popular sites.
If Drupal core is not affected and not all sites will be impacted, the issue is again raising the question about third-party modules/plugins/add-ons that are not part of the core (code) but may cause significant damage to the project itself, your users, your business, all your hard work.... It is critical to review published advisories (July 12 2016) to determine if any modules you currently use have been flagged up.