Search criteria
Related vulnerabilities
drupal-contrib-2026-039
Vulnerability from drupal
Published
2026-06-03 16:10
Modified
2026-06-03 16:10
Summary
Details
This module configures default editorial workflows for LocalGov Drupal content types. It provides a Drupal content moderation workflow, a content approvals dashboard, content scheduling and content preview.
The module doesn't sufficiently restrict access to a view of Service Contacts at which exposes the names and content items assigned to each Service Contact.
Credits
References
| URL | Type | |
|---|---|---|
{
"affected": [
{
"database_specific": {
"affected_versions": "\u003c1.6.0"
},
"package": {
"ecosystem": "Packagist:https://packages.drupal.org/8",
"name": "drupal/localgov_workflows"
},
"ranges": [
{
"database_specific": {
"constraint": "\u003c1.6.0"
},
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.0"
}
],
"type": "ECOSYSTEM"
}
],
"severity": []
}
],
"aliases": [
"CVE-2026-10768"
],
"credits": [
{
"contact": [
"https://www.drupal.org/u/mariay-0"
],
"name": "Maria Young (maria.y)"
}
],
"details": "This module configures default editorial workflows for LocalGov Drupal content types. It provides a Drupal content moderation workflow, a content approvals dashboard, content scheduling and content preview.\n\nThe module doesn\u0027t sufficiently restrict access to a view of Service Contacts at which exposes the names and content items assigned to each Service Contact.",
"id": "DRUPAL-CONTRIB-2026-039",
"modified": "2026-06-03T16:10:48.000Z",
"published": "2026-06-03T16:10:48.000Z",
"references": [
{
"type": "WEB",
"url": "https://www.drupal.org/sa-contrib-2026-039"
}
],
"schema_version": "1.7.0"
}