3 matches found
EUVD-2026-43053
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Flag attendance field allows Object Injection. This issue affects Flag attendance field versions: from 0.0.0 to 1.2...
CVE-2026-55809
The CVE-2026-55809 entry concerns Drupal’s Flag attendance field module. The root cause is an object injection vulnerability caused by handling PHP-serialized data stored in the flag_attendance_field, which can lead to PHP object injection when data are unserialized. Affected versions are Flag at...
PT-2026-50611
Name of the Vulnerable Software and Affected Versions Flag attendance field versions 0.0.0 through 1.2 Description An Object Injection issue exists in the Flag attendance field module due to the improper control of modification of dynamically-determined object attributes. The module stores data a...