FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

drupal -- Drupal core - Access bypass

Affected packages
drupal8 < 8.7.5


VuXML ID 19d648e0-ab69-11e9-bfef-000ffec0b3e1
Discovery 2019-07-17
Entry 2019-07-21

Drupal Security Team reports:

In Drupal 8.7.4, when the experimental Workspaces module is enabled, an access bypass condition is created.

This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4.