Block Content Revision UI - Moderately critical - Access bypass - SA-CONTRIB-2021-017

Project: Block Content Revision UIDate: 2021-June-16Security risk: Moderately critical 11∕25 AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:UncommonVulnerability: Access bypassDescription: This module provides a revision UI to Block Content entities.
The module doesn't sufficiently respect access restrictions to certain entities when used in conjunction with specific modules.
This vulnerability is mitigated by the fact that an attacker must have a role with any of the permissions provided by Block Content Revision UI, and another affected module must be enabled.Solution: Install the latest version:

Reported By: 

Fixed By: 

Coordinated By: 

Path to article