drupal is vulnerable to Access Bypass. The vulnerability exits in process_input
parameter of FormBuilder.php
because of the API access element not properly evaluate . which allows an attacker to access sensitive information in the system.
github.com/drupal/core/commit/0993e9f63e8c03f6c1e1c482b0985c89eaa485ee
github.com/drupal/core/commit/2d1a5f12c25a4a7211daf19afef81dd6a190c077
github.com/drupal/drupal/commit/2eb18f57786ece5daf1536dfae852b9d20cf74db
github.com/drupal/drupal/commit/80c942650a00ee01621e9207399bc05c0f8c22f1
www.drupal.org/sa-core-2022-013