Access Control Bypass
Discription

drupal/core is vulnerable to Access Control Bypass. The API was not integrated with existing permission controls, resulting in access bypass for users who have access to revisions of content, but not individual items.Read More

Back to Main

Subscribe for the latest news: