CVE-2023-31250

Name of the Vulnerable Software and Affected Versions Drupal (affected versions not specified)

Description The file download facility does not sufficiently sanitize file paths in certain situations, potentially allowing users to access private files they should not have access to. Some sites may require configuration changes following a security release. Users should review the release notes for their Drupal version if they encounter issues accessing private files after updating.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.