CVE-2024-13276

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal File Entity fieldable files allows Forceful Browsing.This issue affects File Entity fieldable files: from 7.X- before 7.X-2.39...

CVE-2024-13237

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal File Entity fieldable files allows Cross-Site Scripting XSS.This issue affects File Entity fieldable files: from 7.X- before 7.X-2.38...

Drupal File Entity (fieldable files) module < 7.x-2.39 - Authenticated Sensitive Data Exposure vulnerability

Authenticated Sensitive Data Exposure vulnerability discovered by Devin Zuczek in WordPress Module File Entity fieldable files versions 7.x-2.39...

File Entity (fieldable files) - Moderately critical - Cross Site Scripting, Access bypass - SA-CONTRIB-2024-001

File entity provides interfaces for managing files. It also extends the core file entity, allowing files to be fieldable, grouped into types, viewed using display modes and formatted using field formatters. The module previously did not sufficiently validate files under the scenario of a file...