Group - Moderately critical - Information disclosure - SA-CONTRIB-2020-032
Project: Group Version: 8.x-1.x-dev Date: 2020-August-05 Security risk: Moderately critical 12∕25 Vulnerability: Information disclosure
The Group module enables you to hand out permissions on a smaller subset, section or community of your website.
With the 1.1 security release, new code was introduced to ensure proper access for all entity types, but a mistake introduced unexpected access to unpublished nodes.
Install the latest version: