Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.8.x, 8.9.x, and 9.0.x. An attacker could exploit some of these vulnerabilities to obtain sensitive information or leverage the way HTML is rendered.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Drupal security updates and apply the necessary updates:
This product is provided subject to this Notification and this Privacy & Use policy.