Permissions by Term - Moderately critical - Access bypass - SA-CONTRIB-2022-056
Project: Permissions by Term Version: 3.1.18 Date: 2022-September-07 Security risk: Moderately critical 14∕25 Vulnerability: Access bypass
This module enables you to set content permissions based on taxonomy terms.
The module doesn't sufficiently restrict access to translated and unpublished nodes.
This vulnerability is mitigated by the fact that it only affects sites with translated content.
Install the latest version:
- If you use the Permissions by Term module for Drupal 9.x, upgrade to version 3.1.19