Drupal has released security updates to address critical vulnerability (CVE-2022-39261) affecting Drupal versions 9.3 and 9.4. An attacker could exploit this vulnerability to access sensitive information on the targeted system.

According to Drupal security advisory, users are recommended to install the latest version:

• If you are using Drupal 9.4, update to Drupal 9.4.7.
• If you are using Drupal 9.3, update to Drupal 9.3.22.

More information on vulnerabilities and updates is available in Drupal security advisory:

SA-CORE-2022-016