The Storage API module 7.x-1.x prior to 7.x-1.8 for Drupal does not properly restrict access to Storage API fields attached to entities that are not nodes, which allows remote malicious users to have unspecified impact via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
storage api project storage api 7.x-1.5 |
||
storage api project storage api 7.x-1.6 |
||
storage api project storage api 7.x-1.1 |
||
storage api project storage api 7.x-1.2 |
||
storage api project storage api 7.x-1.0 |
||
storage api project storage api 7.x-1.7 |
||
storage api project storage api 7.x-1.3 |
||
storage api project storage api 7.x-1.4 |