Spamicide - Critical - Access bypass - SA-CONTRIB-2020-009
Project: Spamicide Date: 2020-April-08 Security risk: Critical 18∕25 Vulnerability: Access bypass
The Spamicide module protects Drupal forms with a form field that is hidden from normal users, but visible to spam bots.
The module doesn't require appropriate permissions for administrative pages leading to an Access Bypass.
Install the latest version: