Drupal has released a security advisory to address a vulnerability in the Drupal products. The list of security update can be found at:
https://www.drupal.org/sa-core-2022-016
Please note that Drupal 9 prior to version 9.3.x have reached End-Of-Life (EOL). No security updates will be provided after that. Users should arrange upgrading the Drupal to supported versions or migrating to other supported technology.
Successful exploitation could lead to information disclosure or security restriction bypass on an affected system.
The product vendor has released patches to address the issues.