Drupal has released security updates to address a Guzzle third-party library vulnerability that does not affect Drupal core but may affect some contributed projects or custom code on Drupal sites. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website.
CISA encourages users and administrators to review Drupal security advisory SA-CORE-011 and apply the necessary updates.
Please share your thoughts.
We recently updated our anonymous product survey; we'd welcome your feedback.