Trending CVEs for the Week of July 22nd, 2019
CVE-2019-6342 – Drupal Core Access Bypass Vulnerability
According to its self-reported version, in Drupal 8.7.4, when the experimental Workspaces module is enabled, an access bypass condition is created.
- Drupal 8.7.4
Drupal 8.7.3 and earlier, Drupal 8.6.x and earlier, and Drupal 7.x are not affected
Exploitation and Risk
Currently, we are not aware of any working exploits.
Upgrade to Drupal version 8.7.5 or later.