Drupal Wordspaces Module Access Bypass Vulnerability (SA-CORE-2019-008)

On the 17th of July, an advisory addressing a access bypass vulnerability was made public. This was assigned CVE-2019-6342 by MITRE and the associated security risk was deemed critical by Drupal in SA-CORE-2019-008. Vulnerability Details: An access bypass condition allows an attacker to bypass security restrictions in place to perform certain actions. The vulnerability exists … Continue reading “Drupal Wordspaces Module Access Bypass Vulnerability (SA-CORE-2019-008)”