Popular content management software Drupal has released an updated version which patches a security bypass vulnerability allowing an attacker to gain control of a site by way of the Symfony HttpFoundation component (CVE-2018-14773). This affects Drupal versions before 8.5.6. Similar flaws were also discovered in the Zend Feed and Diactoros libraries included in the Drupal Core referred to as the 'URL Rewrite Vulnerability' which should be be updated directly.

Be sure to have your website administer update your Drupal website!

‍

Read more here.