3 matches found
EUVD-2026-43114
Missing Authorization vulnerability in Drupal LocalGov Workflows allows Forceful Browsing. This issue affects LocalGov Workflows versions: from 0.0.0 to 1.6.0...
CVE-2026-10768
CVE-2026-10768 describes a Missing Authorization vulnerability in Drupal LocalGov Workflows that allows forceful browsing. Affected are LocalGov Workflows versions 0.0.0 to 1.6.0. The root cause is insufficient access controls that expose a view of Service Contacts, leading to potential informati...
LocalGov Workflows - Moderately critical - Information disclosure - SA-CONTRIB-2026-039
This module configures default editorial workflows for LocalGov Drupal content types. It provides a Drupal content moderation workflow, a content approvals dashboard, content scheduling and content preview. The module doesn't sufficiently restrict access to a view of Service Contacts at which...