Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-002
|
System information
|
| |
|
|
Affected software |
Drupal |
Description
|
Project: Drupal coreDate: 2023-March-15Security risk: Moderately critical 14∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Information DisclosureAffected versions: >=8.0.0 =9.5.0 =10.0.0 Description: The Media module does not properly check entity access in some circumstances. This may result in users seeing thumbnails of media items they do not have access to, including for private files.This release was coordinated with SA-CONTRIB-2023-010.This advisory is
More info:
https://www.drupal.org/sa-core-2023-002 |
Standar resources
|
|
Property |
Value |
|
CVE |
|
