Drupal has released a security update to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected website.
Therefore, BtCIRT recommends users and administrators to review the Drupal’s security advisory SA-CORE-2019-007 and apply the necessary updates.