The vulnerability can be mitigated by simply deleting the ‘/install/’ folder, which probably should have never remained there in the first place. As mentioned, Incapsula's WAF was patched to defend against this exploit so all customers are protected and don’t need to take any further action.