Gutenberg - Critical - Access bypass - SA-CONTRIB-2021-007
Project: Gutenberg
Version: 8.x-2.x-dev, 8.x-1.x-dev
Date: 2021-May-12
Security risk: Critical 18∕25
Vulnerability: Access bypass
Description
This module provides a new UI experience for node editing using the Gutenberg Editor library.
The module did not correctly validate access rules in certain situations allowing anonymous users to delete blocks.
Solution
Install the latest version: