Drupal Commerce - Moderately critical - Access bypass - SA-CONTRIB-2018-057

Project: Drupal Commerce
Version: 8.x-2.x-dev
Date: 2018-August-29
Security risk: *Moderately critical* 14∕25
Vulnerability: Access bypass

Description

This module enables you to build eCommerce websites and applications with Drupal.

The module doesn't sufficiently check access for some of its entity types.

Solution

Update to Commerce 8.x-2.9.

Add new comment