It can happen that the to-be translated language dimensions are not accessible for the current editor. For example, in one of our projects I denied editing access to these languages so that they cannot edit what has been automatically translated. However, that would result in an exception when the translation kicks in. To avoid that, the specific part (see commit) in the afterNodePublished method was wrapped in withoutAuthorizationChecks.
Let me know about your thoughts on this, but I don't see a vulnerability here.
PS: It is based on the other branch right now and will be rebased to master once the other branch has been closed.
It can happen that the to-be translated language dimensions are not accessible for the current editor. For example, in one of our projects I denied editing access to these languages so that they cannot edit what has been automatically translated. However, that would result in an exception when the translation kicks in. To avoid that, the specific part (see commit) in the
afterNodePublished
method was wrapped inwithoutAuthorizationChecks
.Let me know about your thoughts on this, but I don't see a vulnerability here.
PS: It is based on the other branch right now and will be rebased to master once the other branch has been closed.