Permissions by Term - Moderately critical - Access bypass - SA-CONTRIB-2022-056

Permissions by Term - Moderately critical - Access bypass - SA-CONTRIB-2022-056

Project: Permissions by Term
Version: 3.1.18
Date: 2022-September-07
Security risk: Moderately critical 14∕25
Vulnerability: Access bypass

Description

This module enables you to set content permissions based on taxonomy terms.

The module doesn't sufficiently restrict access to translated and unpublished nodes.

This vulnerability is mitigated by the fact that it only affects sites with translated content.

Solution

Install the latest version:

  • If you use the Permissions by Term module for Drupal 9.x, upgrade to version 3.1.19
Nick Onom's picture
Nick Onom
Marketing Project Manager
Enthusiastic about all kinds of Open Source applications, AI, bitcoins, but mostly Drupal and Backdrop. For last years has been actively developing AltaGrade's new back-end system.

We value your opinion. Please add your feedback.