Project: Wingsuit - Storybook for UI Patterns
Version: 8.x-2.x-dev, 8.x-1.x-dev
Security risk: Critical 16∕25
Vulnerability: Access bypass
The Wingsuit module enables site builders to build UI Patterns (and|or) Twig Components with Storybook and use them without any mapping code in Drupal.
The module doesn't have an access check for the admin form allowing an attacker to view and modify the Wingsuit configuration.
Install the latest version: