The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to fields, which allows remote attackers to obtain sensitive atom property information via vectors involving a “debug context.”
CPE | Name | Operator | Version |
---|---|---|---|
scald | eq | 7.120.14 | |
scald | eq | 7.120.10 | |
scald | eq | 7.x-1.0 beta2 | |
scald | eq | 7.x-1.0 alpha2 | |
scald | eq | 7.x-1.0 beta4 | |
scald | eq | 7.x-1.0 alpha1 | |
scald | eq | 7.120.13 | |
scald | eq | 7.x-1.0 rc3 | |
scald | eq | 7.120.12 | |
scald | eq | 7.120.11 |