WhiteSource Vulnerability Database
We found results for “”
Good to know:
Date: May 13, 2014
The FileField Sources module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.9 for Drupal does not properly check file permissions, which allows remote authenticated users to read arbitrary files by attaching a file.
Weakness Type (CWE)
Permissions, Privileges, and Access ControlCWE-264
Upgrade to version 6.x-1.9, 7.x-1.9.
|Access Vector (AV):||NETWORK|
|Access Complexity (AC):||LOW|