DRUPAL-CONTRIB-2019-095

See a problem?
Import Source
https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/permissions_by_term/DRUPAL-CONTRIB-2019-095.json
JSON Data
https://api.osv.dev/v1/vulns/DRUPAL-CONTRIB-2019-095
Published
2019-12-11T18:59:46Z
Modified
2025-12-10T23:32:35.931506Z
Summary
[none]
Details

The Permissions by Term module extends Drupal by functionality for restricting access to single nodes via taxonomy terms.

The module doesn't sufficiently restrict access to node previews, when the Search API module is used to display nodes in search result lists.

References
Credits

Affected packages

Packagist:https://packages.drupal.org/8 / drupal/permissions_by_term

Package

Name
drupal/permissions_by_term
Purl
pkg:composer/drupal/permissions_by_term

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.0
Database specific
{
    "constraint": "<2.0.0"
}

Database specific

affected_versions
"<2.0.0"
source
"https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/permissions_by_term/DRUPAL-CONTRIB-2019-095.json"