Drupal has released security updates to address a vulnerability affecting Drupal 8.9, 9.0, and 9.1. An attacker could exploit this vulnerability to take control of an affected system.
CISA encourages users and administrators to review Drupal Advisory SA-CORE-2021-003 and apply the necessary updates or mitigations.