2 matches found
CVE-2015-5502
CVE-2015-5502 (Drupal Storage API module) details Affected software: Drupal Storage API module for Drupal 7.x, versions prior to 7.x-1.8 (7.x-1.x lineage). Root cause: The module did not properly restrict access to Storage API fields attached to entities that are not nodes. Impact: This allows re...
Storage API - Moderately Critical - Access Bypass - SA-CONTRIB-2015-114
The Storage API module creates an underlying agnostic storage layer for Drupal using many different underlying storage methods. Storage API can be used to create fields for entities to hold data. The module failed to restrict access to the Storage API fields attached to entities that are not node...