Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
Vulnerability DatabaseGHSA-86xw-vmcx-9mj4
GHSA-86xw-vmcx-9mj4:
PHP vulnerability analysis and mitigation
Overview
A content moderation access bypass vulnerability was identified in Drupal, tracked as GHSA-86xw-vmcx-9mj4. The vulnerability affects Drupal versions 8.0.0 through 8.5.8 and 8.6.0 through 8.6.2. This moderately critical security issue was disclosed on October 17, 2018, and involves conditions where content moderation fails to properly check user access permissions for certain transitions (GitHub Advisory).
Technical details
The vulnerability is classified as having moderate severity and affects the content moderation system in Drupal. Under specific conditions, the system fails to properly validate user permissions when handling content state transitions, which could lead to unauthorized access (GitHub Advisory).
Impact
The vulnerability could result in an access bypass, potentially allowing users to perform content moderation actions they should not have permission to execute (GitHub Advisory).
Mitigation and workarounds
The vulnerability has been patched in Drupal versions 8.5.8 and 8.6.2. Users running affected versions should upgrade to these patched versions to resolve the security issue (GitHub Advisory).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Get a personalized demo
Ready to see Wiz in action?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management