Open Social – Moderately critical – Access bypass – SA-CONTRIB-2024-004

Drupal Security Advisory

Project: 
Date: 
2024-January-24
Vulnerability: 
Access bypass
Affected versions: 
<12.05
Description: 

Content within Open Social can have different visibilities. It is possible for a user to create public content even when this should not be allowed.
This vulnerability is mitigated by the fact that the site must have public visibility disabled on a global level.

Solution: 

Install the latest version of Open Social:

Reported By: 
Coordinated By: 

READ MORE