Security Update: Critical Access Bypass Identified in Registration Role Module

A security update has been released for Drupal addressing a critical access bypass found in the Registration Role module version <2.0.1.

Sites utilizing this version are urged to upgrade immediately. The Registration Role module facilitates administrators in selecting roles for automatic assignment to new users. However, a logic error has been discovered in the module's handling of sites that upgraded code without running the Drupal update process (e.g., update.php).

It's important to note that this vulnerability is mitigated on sites that follow the proper process of updating code and running standard updates. For users of the Registration Role module version 2.x, it is advised to upgrade to version 2.0.1 promptly to ensure security measures are up-to-date

Disclosure: This content is produced with the assistance of AI.

Note: The vision of this web portal is to help promote news and stories around the Drupal community and promote and celebrate the people and organizations in the community. We strive to create and distribute our content based on these content policy. If you see any omission/variation on this please let us know in the comments below and we will try to address the issue as best we can.

Advertisement Here

Upcoming Events

Latest Opportunities

Advertisement Here