Entity Api@7.x-1.2 Security Vulnerabilities and Issues — Entity Api@7.x-1.2 CVE List

Lucene search

Entity Api ProjectEntity Api7.x-1.2

3 matches found

CVE•added 2018/04/10 3:29 p.m.•44 views

CVE-2014-1398

The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on comment, user and node statistics properties via unspecified vectors.

6.5CVSS5.9AI score0.00384EPSS

CVE•added 2018/04/10 3:29 p.m.•44 views

CVE-2014-1399

The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on referenced entities via unspecified vectors.

6.5CVSS5.9AI score0.00308EPSS

CVE•added 2018/04/10 3:29 p.m.•44 views

CVE-2014-1400

The entity_access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions and read unpublished comments via unspecified vectors.

6.5CVSS5.9AI score0.00384EPSS