Missing Authentication for Critical Function vulnerability in Drupal Panels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Panels: from 0.0.0 before 4.9.0.
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Link | Tags |
---|---|
https://www.drupal.org/sa-contrib-2025-033 | vendor advisory |