5 matches found
CVE-2026-44176
Kirby is an open-source content management system. Versions prior to 4.9.1 and 5.4.1 do not check the pages.access permission during page draft rendering. Permissions are defined for each user role in the user blueprint site/blueprints/users/.... It is also possible to customize the permissions f...
CVE-2026-44176 Kirby: `pages.access` permission is not checked during rendering of page drafts
Kirby is an open-source content management system. Versions prior to 4.9.1 and 5.4.1 do not check the pages.access permission during page draft rendering. Permissions are defined for each user role in the user blueprint site/blueprints/users/.... It is also possible to customize the permissions f...
CVE-2026-44176
Kirby CMS vulnerability CVE-2026-44176 affects pre-4.9.1 and pre-5.4.1 releases where the path resolver could render page drafts without enforcing pages.access, potentially exposing sensitive draft content to authenticated users who know the full draft path. Root cause: page draft rendering bypas...
Red Hat Enterprise Linux 10 安全漏洞
Red Hat Enterprise Linux 10 is a Linux operating system designed for enterprise users by the American company Red Hat. There is a security vulnerability in Red Hat Enterprise Linux 10. This vulnerability stems from the fact that the device path node resolver does not verify that the Length field ...
DRUPAL-CONTRIB-2018-071
This module enables you to resolve the provided Drupal path in order to find the canonical path and information about the resolved entity. This information includes entity type ID, entity ID, entity UUID and entity label. The module doesn't sufficiently check access before displaying entity label...