Drupal Releases Security Updates

Original release date: May 27, 2021

Drupal has released security updates to address a vulnerability affecting Drupal 8.9, 9.0, and 9.1. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review Drupal Advisory SA-CORE-2021-003 and apply the necessary updates or mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.