Drupal has published a security advisory to address vulnerabilities affecting Drupal versions 7, 9.2 and 9.3 on the 19th of January 2022. It is recommended that you take the necessary precautions by ensuring your products are always updated.
SA-CORE-2022-001 SA-CORE-2022-002
For more information on these updates, you can follow these URLs:
https://www.drupal.org/sa-core-2022-001
https://www.drupal.org/sa-core-2022-002
The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary.
PDF Download: Drupal Security Advisory.pdf
References
Drupal security advisory (20th January 2022). Retrieved from GovCERT.HK
https://www.govcert.gov.hk/en/alerts_detail.php?id=722
Drupal security advisory (20th January 2022). Retrieved from Cybersecurity & Infrastructure Security Agency.
https://www.cisa.gov/uscert/ncas/current-activity/2022/01/20/drupal- releases-security-updates