Drupal has released security updates to address security vulnerability (CVE-2022-29248) affecting Drupal versions 9.2 and 9.3. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website.

According to Drupal security advisory, users are recommended to install the latest version:

• If you are using Drupal 9.3, update to Drupal 9.3.14.
• If you are using Drupal 9.2, update to Drupal 9.2.20.

More information on vulnerability and updates is available in Drupal security advisory – SA-CORE-2022-010.