2 matches found
CVE-2026-1556 Information disclosure via file URI overwrite in File (Field) Paths
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
Drupal Services single sign-on server helper module open redirect vulnerability
Drupal is the Drupal community maintains a set of free, open source content management system developed in PHP language. services single sign-on server helper is one of the services single sign-on helper module. An open redirect vulnerability exists in version 7.x of the Drupal Services single...