2 matches found
CVE-2013-4502
The CVE-2013-4502 entry concerns the Drupal contributed module FileField Sources. Affected versions are FileField Sources 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.9. The root cause is improper file permission checks when attaching files, enabling remote authenticated users to read arbitrar...
SA-CONTRIB-2013-084 - FileField Sources - Access Bypass
This module expands on the FileField module by allowing you to select new or existing files through additional means, such as re-using files with an auto-complete textfield, attaching server-side files uploaded via FTP, transferring file files from a remote server, pasting a file directly from th...