https://www.cisa.gov/uscert/ncas/current-activity/2022/03/17/drupal-releases-security-updates
Drupal has released security updates to address vulnerabilities affecting Drupal 9.2 and 9.3. An attacker could exploit one of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review Drupal Advisory SA-CORE-2022-05 and apply the necessary updates.