Node View Permissions - Moderately critical - Access Bypass - SA-CONTRIB-2018-002
The Node view permissions module enables the "View own content" and "View any content" permissions for each content type on the permissions page. This module has a vulnerability that allows users with these permissions to view unpublished content that they are not otherwise authorized to view. Th...