- π©π°Denmark petaberg
Stizzi β made their first commit to this issueβs fork.
- π©π°Denmark petaberg
+1
One definitely wants an access related module is "green"
- π©π°Denmark petaberg
Perhaps this is a good time to make this module "green".
Is this module affected by this security hole?"As this is an API module, it is only exploitable if a "client" module exposes the vulnerability. Details of some contributed client modules are given below. Custom modules using ACL could also expose the vulnerability.
This vulnerability is mitigated by the fact that an attacker typically needs an "admin"-type permission provided by one of ACL's client modules."
ACL - Critical - Arbitrary PHP code execution - SA-CONTRIB-2023-034 β