CVE-2024-13248
CVE-2024-13248 is a privilege-assignment flaw in Drupal Private content (SA-CONTRIB-2024-012). The vulnerability arises from incorrect permission handling when private content is framed, enabling target influence and an access bypass for content in versions before 2.1.0. Affected product: Drupal ...