Drupal has released a security update addressing a vulnerability in Drupal 8.x. A remote attacker could exploit this vulnerability to take control of an affected system. The NCCIC encourages users and administrators to review Drupal's Security Advisory and apply the necessary update. NCCIC/US-CERT