Security Advisory: Access Bypass Vulnerability in Drupal Image Sizes Module
Drupal has released a security advisory for the Image Sizes module, identifying a moderately critical access bypass vulnerability. The issue, reported and fixed by Dezső Biczó, affects versions below 3.0.2 and arises from insufficient access checks for rendered images, potentially allowing unauthorized access. Users are advised to upgrade to version 3.0.2 to address this vulnerability. The update was coordinated by Juraj Nemec, Neil Drumm, and Michael Hess of the Drupal Security Team, with contributions from Pascal Crott.
Source Reference
Date of Publication
URL
https://www.drupal.org/sa-contrib-2024-023?utm_source=dlvr.it&utm_medium=twitter
Disclosure: This content is produced with the assistance of AI.