4 matches found
CVE-2024-13276
Insertion of Sensitive Information Into Sent Data vulnerability in Drupal File Entity fieldable files allows Forceful Browsing.This issue affects File Entity fieldable files: from 7.X- before 7.X-2.39...
CVE-2024-13276
creationtimestamp| type| source ---|---|--- 2025-01-09 19:33:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113800066948393639 2025-01-09 20:16:36+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdinv6eck2e 2025-01-10 17:04:37+00:00| seen|...
CVE-2024-13276
CVE-2024-13276 affects Drupal File Entity (fieldable files) versions 7.X-* before 7.X-2.39. The vulnerability allows insertion of sensitive information into sent data, enabling forceful browsing and potential disclosure of protected data. Root cause details point to how files are stored and expos...
CVE-2024-13276 File Entity (fieldable files) - Moderately critical - Information Disclosure - SA-CONTRIB-2024-040
Insertion of Sensitive Information Into Sent Data vulnerability in Drupal File Entity fieldable files allows Forceful Browsing.This issue affects File Entity fieldable files: from 7.X- before 7.X-2.39...