Linky Revision UI - Moderately critical - Access bypass - SA-CONTRIB-2021-016
Project: Linky Revision UI
Date: 2021-June-16
Security risk: Moderately critical 11∕25
Vulnerability: Access bypass
Description
This module provides a revision UI to Linky entities.
The module doesn't sufficiently respect access restrictions to certain entities when used in conjunction with specific modules.
This vulnerability is mitigated by the fact that an attacker must have a role with any of the permissions provided by Linky Revision UI, and another affected module must be enabled.
Solution
Install the latest version:
If you use the Linky Revision UI module for Drupal 8.x, upgrade to Linky Revision UI 2.127.1
We value your opinion. Please add your feedback.