Drupal has released an advisory to address several vulnerabilities in Drupal 8.x. A remote attacker could exploit one of these vulnerabilities to obtain or modify sensitive information.
US-CERT encourages users and administrators to review Drupal's Security Advisory and upgrade to version 8.3.7.
This product is provided subject to this Notification and this Privacy & Use policy.