Drupal voor Gemeenten - Moderately critical - Access Bypass - SA-CONTRIB-2019-031

Project: Drupal voor GemeentenDate: 2019-March-06Security risk: Moderately critical 13∕25 AC:None/A:None/CI:None/II:Some/E:Theoretical/TD:UncommonVulnerability: Access BypassDescription: The DvG distrubition contains the feature module dvg_domains to support multiple domains.
When the dvg_domains feature module is enabled, anonymous users are able to access some administration pages and change the settings exposed on those pages.
This issue can be mitigated by disabling the dvg_domains module.Solution: Install the latest version:

  • If you use the module dvg_domains from the DvG distribution upgrade to DvG 7.x-1.9

Reported By: 

Fixed By: 

Coordinated By: 

Path to article https://www.drupal.org/sa-contrib-2019-031