Role Delegation
Monthly
The Drupal Role Delegation module versions 1.3.0 through 1.5.0 contains an unsafe privilege definition vulnerability that permits authenticated users with delegation permissions to escalate their privileges within the application. An attacker with limited account access could exploit this flaw to gain elevated permissions and modify system settings or access restricted functionality. No patch is currently available for this vulnerability.
The Drupal Role Delegation module versions 1.3.0 through 1.5.0 contains an unsafe privilege definition vulnerability that permits authenticated users with delegation permissions to escalate their privileges within the application. An attacker with limited account access could exploit this flaw to gain elevated permissions and modify system settings or access restricted functionality. No patch is currently available for this vulnerability.