[SECURITY-L] [Security-news] Form mode manager - Moderately critical - Access bypass - SA-CONTRIB-2021-023
CSIRT Unicamp
security em unicamp.br
Quarta Julho 21 14:18:26 -03 2021
View online: https://www.drupal.org/sa-contrib-2021-023
Project: Form mode manager [1]
Date: 2021-July-21
Security risk: *Moderately critical* 11∕25
AC:Basic/A:User/CI:None/II:Some/E:Proof/TD:Default [2]
Vulnerability: Access bypass
Description:
This module provides a user interface that allows the implementation and use
of /Form modes/ without custom development.
The module does not sufficiently respect access restrictions to entity forms
for routes it creates to use specific form modes.
This vulnerability is mitigated by the fact that an attacker must have a
role
with the permission to use a specific form mode, for example use X form
mode.
Solution:
Install the latest version:
* If you use the Form mode manager module 8.x-1.x series for Drupal 8,
upgrade to form_mode_manager 8.x-1.4 [3].
Reported By:
* Byron Duvall [4]
* Jason Partyka [5]
* Bec [6]
Fixed By:
* Byron Duvall [7]
* Derek Wright [8]
Coordinated By:
* Greg Knaddison [9] of the Drupal Security Team
* Damien McKenna [10] of the Drupal Security Team
[1] https://www.drupal.org/project/form_mode_manager
[2] https://www.drupal.org/security-team/risk-levels
[3] https://www.drupal.org/project/form_mode_manager/releases/8.x-1.4
[4] https://www.drupal.org/user/1279040
[5] https://www.drupal.org/user/344048
[6] https://www.drupal.org/user/81067
[7] https://www.drupal.org/user/1279040
[8] https://www.drupal.org/user/46549
[9] https://www.drupal.org/user/36762
[10] https://www.drupal.org/user/108450
_______________________________________________
Security-news mailing list
Security-news em drupal.org
Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news
===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc [^]
Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://www.listas.unicamp.br/pipermail/security-l/attachments/20210721/256f633c/attachment.html>
Mais detalhes sobre a lista de discussão SECURITY-L