Drupal Security Advisory
Content within Open Social can have different visibilities. It is possible for a user to create public content even when this should not be allowed.
This vulnerability is mitigated by the fact that the site must have public visibility disabled on a global level.
Install the latest version of Open Social:
- If you use the Open Social distribution for Drupal 12.x, upgrade to Open Social 12.0.5