DRUPAL-CONTRIB-2019-094

See a problem?
Import Source
https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/modal_page/DRUPAL-CONTRIB-2019-094.json
JSON Data
https://api.osv.dev/v1/vulns/DRUPAL-CONTRIB-2019-094
Published
2019-12-11T18:38:32Z
Modified
2025-12-10T23:33:49.512553Z
Summary
[none]
Details

This project enables administrators to create modal dialogs.

The routes used by the module lacked proper permissions, allowing untrusted users to access, create and modify modal configurations.

References
Credits

Affected packages

Packagist:https://packages.drupal.org/8 / drupal/modal_page

Package

Name
drupal/modal_page
Purl
pkg:composer/drupal/modal_page

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5.0
Database specific
{
    "constraint": "<2.5.0"
}

Database specific

affected_versions
"<2.5.0"
source
"https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/modal_page/DRUPAL-CONTRIB-2019-094.json"