CVE-2024-13240
EPSS 0.45%Published: 1/24/2024Modified: 3/18/2026
Also known as:DRUPAL-CONTRIB-2024-004
Description
Content within Open Social can have different visibilities. It is possible for a user to create public content even when this should not be allowed. This vulnerability is mitigated by the fact that the site must have public visibility disabled on a global level.
Affected packages (1)
- Packagist/drupal/socialfrom 0, < 12.0.5