First published: Tue Apr 10 2018(Updated: )
The entity_access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions and read unpublished comments via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Entity Api Project Entity Api | =7.x-1.0 | |
Entity Api Project Entity Api | =7.x-1.1 | |
Entity Api Project Entity Api | =7.x-1.2 | |
Fedoraproject Fedora | =19 | |
Fedoraproject Fedora | =20 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.