Drupal discovered a severe vulnerability and said they would release a patch. When the patch was released we analysed and created rules to mitigate these. By analysing the patch we created WAF rules to protect Cloudflare customers running Drupal.
On August 22 a new vulnerability in the Apache Struts framework was announced. We quickly deployed a mitigation to protect customers.