Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.7.x, and 8.8.x. An attacker could exploit some of these vulnerabilities to modify data on an affected website.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Drupal Security Advisories and apply the necessary updates:
• SA-CORE-2019-012
• SA-CORE-2019-011
• SA-CORE-2019-010
• SA-CORE-2019-009