Update to Fix Access Bypass in Drupal's Node Access Rebuild Module
A security advisory has been issued for the Node Access Rebuild Progressive module, identifying an access bypass vulnerability in versions prior to 2.0.2. This Drupal module, designed to provide an alternative method for rebuilding the Content Access table, fails to reset content access states upon uninstallation adequately. Security experts Pierre Rudloff and Shelane French collaborated to address the issue, with guidance from Greg Knaddison and Damien McKenna of the Drupal Security Team. Drupal site administrators are urged to upgrade to version 2.0.2 or newer to mitigate the risk of exploitation. Pierre Rudloff reported the issue. Learn more here.
Disclosure: This content is produced with the assistance of AI.