Exploitation and mitigation bypasses for the new Drupal 8 RCE (SA-CORE-2019-003, CVE-2019-6340), targeting the REST module.