This article is contributed. See the original author and article here.
Drupal has released a security update to address a vulnerability affecting private vocabulary modules for Drupal 8.x. An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms.
CISA encourages users and administrators to review Drupal’s security advisory SA-CONTRIB-2023-001 and apply the necessary update.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.