Back to search
CVE-2013-7391
Published: Jul 19, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The Entity API module 7.x-1.x before 7.x-1.2 for Drupal, when using the (a) Views field or (b) area plugins, allows remote attackers to read restricted entities via the (1) field, (2) header, or (3) footer of a View. NOTE: this identifier was SPLIT from CVE-2013-4273 per ADT5 due to different researcher organizations.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20130822 Re: CVE request for Drupal contributed modules
mailing-list
x_refsource_MLIST
https://drupal.org/node/2065207
x_refsource_MISC
https://drupal.org/node/2065197
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now