Drupal has released security updates to address a vulnerability affecting Drupal 7, 8.9, 9.0, and 9.1. An attacker could exploit this vulnerability to take control of an affected system.
Bhutan Computer Incident Response Team recommended users and administrators to review Drupal Advisory SA-CORE-2021-002 and apply the necessary updates or mitigations.