Update to Fix Access Bypass in Drupal's Node Access Rebuild Module
A security advisory has been issued for the Node Access Rebuild Progressive module, identifying an access bypass vulnerability in versions prior to 2.0.2. This Drupal module, designed to provide an alternative method for rebuilding the Content Access table, fails to reset content access states upon uninstallation adequately. Security experts Pierre Rudloff and Shelane French collaborated to address the issue, with guidance from Greg Knaddison and Damien McKenna of the Drupal Security Team. Drupal site administrators are urged to upgrade to version 2.0.2 or newer to mitigate the risk of exploitation. Pierre Rudloff reported the issue. Learn more here.
Disclosure: This content is produced with the assistance of AI.
Note: The vision of this web portal is to help promote news and stories around the Drupal community and promote and celebrate the people and organizations in the community. We strive to create and distribute our content based on these content policy. If you see any omission/variation on this please let us know in the comments below and we will try to address the issue as best we can.
Related People
Comments
You may also like
