[HIGH] File upload access bypass and denial of service

PKSA-1z3h-7mrn-jhpp CVE-2016-3162 GHSA-w2pj-c8x5-jvg2

Affected package: drupal/drupal

Affected version: >=8.0,<8.0.4

Reported by:
FriendsOfPHP/security-advisories, GitHub