Search API - Moderately critical - Information Disclosure - SA-CONTRIB-2022-059
Project: Search API
Security risk: Moderately critical 13∕25
Vulnerability: Information Disclosure
This module enables you to build searches using a wide range of features, data sources and backends.
The module doesn't in all cases correctly detect whether a given search is active on the current page, leading to potential information disclosure for some setups.
This vulnerability is mitigated by the fact that only very specific setups will have this problem and there is no way for an attacker to trigger it.
Install the latest version:
- If you use the Search API module for Drupal 9.x/10.x, upgrade to Search API 8.x-1.27