Unauthorized Access via Missing Authorization in Drupal Entity Delete Log
There is a Missing Authorization vulnerability in Drupal Entity Delete Log. This lets users perform Forceful Browsing. The issue affects Entity Delete Log versions from 0.0.0 up to, but not including, 1.1.1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal entity delete log |