Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-003
Mar 15, 2023
Project: Drupal core Date: 2023-March-15 Security risk: Moderately critical 13∕25 Vulnerability: Information Disclosure Affected versions: >=8.0.0 =9.5.0 =10.0.0
The language module provides a Language switcher block which can be placed to provide links to quickly switch between different languages.
The URL of unpublished translations may be disclosed. When used in conjunction with a module like Pathauto, this may reveal the title of unpublished content.