The Protected Pages module is actually supposed to protect websites created with the Drupal content management system (CMS) with passwords, but attackers should be able to bypass the password protection. A version protected against this is available for download.
Admins, die Protected Pages for Drupal 8, 9 or 10 should promptly use the repaired Issue 8.x-1.6 to install. This emerges from a warning message from the CMS developers. If attackers attack the vulnerability, a CVE number has obviously not yet been assigned, they could circumvent the password protection in an unspecified way and access the page content. Drupal estimates the security risk as “critical” a.