Advanced PWA – Critical – Access bypass – SA-CONTRIB-2024-017

Drupal Security Advisory

Project: 
Date: 
2024-April-24
Vulnerability: 
Access bypass
Affected versions: 
<1.5.0
Description: 

Progressive web applications are web applications that load like regular web pages or websites but can offer the user functionality such as working offline, push notifications, and device hardware access traditionally available only to native applications.

This module doesn’t sufficiently protect access to the settings form, allowing an unauthorized malicious user to view and modify the module settings.

Solution: 

Install the latest version:

Reported By: 
Fixed By: 
Coordinated By: 

READ MORE