PKSA-92n7-p42q-cg28 Security Advisory
-
Saving user accounts can sometimes grant the user all roles
PKSA-92n7-p42q-cg28 CVE-2016-6211
Affected package: drupal/drupal
Affected version: >=8.0,<8.1.0|>=8.1.0,<8.1.3
Reported by:
FriendsOfPHP/security-advisories