Security expert found a “highly critical” vulnerability (CVE-2019-6340) in the popular Drupal CMS that could be exploited for remote code execution.