Drupal has released critical
security updates addressing vulnerabilities in Drupal 7.x, 8.5.x, and
8.6.x. A remote attacker could exploit these vulnerabilities to take control of
an affected system.
CERT Bulgaria recommends
users and administrators to review Drupal’s security advisories SA-CORE-2019-001
and SA-CORE-2019-002 and apply the necessary updates.