2 matches found
CVE-2024-13270
The CVE-2024-13270 entry relates to the Drupal Freelinking module. Both NVD/NVD-derived and Drupal security advisory data indicate an Incorrect Authorization vulnerability in Freelinking prior to 4.0.1, which enables forceful browsing via insufficient access checks when rendering links. The issue...
CVE-2014-5179
The Drupal freelinking and Freelinking Case Tracker contributed modules contain an access control bypass flaw: the modules do not sufficiently check permissions when displaying links to nodes and users, enabling remote retrieval of sensitive information via crafted links. This affects all version...