logo

Database

Improper authorization control for web services In drupal/sendinblue

Description

Update: This module had an access bypass vulnerability which has now been addressed by the module’s current maintainers.

Original description

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. OSV-DRUPAL-CONTRIB-2019-0882. GCVE-DRUPAL-CONTRIB-2019-0883. drupal.org

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.