Drupal faces a "moderately critical" flaw in the comment module, risking denial of service. Versions between 8.0 and 10.1.8, plus 10.2 (pre-10.2.2) are affected. Patches for 10.1 and 10.2 are available, but pre-10.1 versions are end-of-life. Can't update? Secure with a Web Application Firewall (WAF)!
...more