The entity wrapper access API in the Entity API module 7.x-1.x prior to 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on referenced entities via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
entity api project entity api 7.x-1.0 |
||
entity api project entity api 7.x-1.1 |
||
entity api project entity api 7.x-1.2 |
||
fedoraproject fedora 20 |
||
fedoraproject fedora 19 |