3 matches found
CVE-2015-7305
The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to fields, which allows remote attackers to obtain sensitive atom property information via vectors involving a "debug context."...
CVE-2015-7305
The vulnerability CVE-2015-7305 affects the Drupal Scald module (Scald 7.x-1.x) prior to 7.x-1.5, where a misconfiguration allows remote attackers to obtain sensitive atom property information via a debug context, bypassing field restrictions. Affected software is the Scald: Media Management made...
Scald - Moderately Critical - Information Disclosure - SA-CONTRIB-2015-151
This module enables you to easily manage your media assets and re-use them in all your content. The module provided a "debug" context that gave access to all the atom properties, including all the fields attached to this atom, without applying the corresponding field restrictions. This...