==================================================================== CERT-Renater Note d'Information No. 2017/VULN273 _____________________________________________________________________ DATE : 22/09/2017 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Page Access for DRUPAL. ===================================================================== https://www.drupal.org/node/2910306 ____________________________________________________________________ Page Access - Unsupported - SA-CONTRIB-2017-75 Posted by Drupal Security Team on 20 Sep 2017 at 18:43 UTC Advisory ID: DRUPAL-SA-CONTRIB-2017-75 Project: Page Access (third-party module) Date: 20-September-2017 Description This module will provide the option to give the View and Edit access for users and roles on each node pages. The security team is marking this module unsupported. There is a known security issue with the module that has not been fixed by the maintainer. If you would like to maintain this module, please read: https://www.drupal.org/node/251466 Versions affected All versions Drupal core is not affected. If you do not use the contributed Page Access module, there is nothing you need to do. Solution If you use the Page Access module for Drupal you should uninstall it. Also see the Page Access project page. Reported by Frédéric Buclin Fixed by Not applicable Contact and More Information The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact. Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site. Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================