Description
Drupal Core is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. Drupal Core versions 8.9.x ranging from 8.9.0 and up to and including 8.9.5 are vulnerable.
Remediation
Update to Drupal Core version 8.9.6 or latest
References
Related Vulnerabilities
WordPress Plugin Google XML Sitemap for Images Cross-Site Request Forgery (2.1.3)
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Request Forgery (2.2)
WordPress Plugin WP Mobile Detector Multiple Vulnerabilities (3.8)