Pages Restriction Access - Critical - Access bypass - SA-CONTRIB-2021-024

Project: Pages Restriction Access
Date: 2021-July-28
Security risk: Critical 16∕25
Vulnerability: Access bypass

Description

This project enables administrators to restrict access from anonymous and regular users to pre-defined pages.

The administration routes used by the project lacked proper permissions, allowing untrusted users to access, create and modify the module's settings.

Solution

Install the latest version:

If you use the Pages Restriction Access for Drupal 8.x, upgrade to Pages Restriction Access for Drupal 8.x-1.4

Nick Onom
Marketing Project Manager

Enthusiastic about all kinds of Open Source applications, AI, bitcoins, but mostly Drupal and Backdrop. For last years has been actively developing AltaGrade's new back-end system.

Drupal · Security

Pages Restriction Access - Critical - Access bypass - SA-CONTRIB-2021-024

Description

Solution

We value your opinion. Please add your feedback.