MidnightBSD

Advisories for storage_api_project

CVE-2015-5502 HIGH

The Storage API module 7.x-1.x before 7.x-1.8 for Drupal does not properly restrict access to Storage API fields attached to entities that are not nodes, which allows remote attackers to have unspecified impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,

Products Affected

Vendor Product Version
storage_api_project storage_api 7.x-1.5
storage_api_project storage_api 7.x-1.1
storage_api_project storage_api 7.x-1.2
storage_api_project storage_api 7.x-1.4
storage_api_project storage_api 7.x-1.7
storage_api_project storage_api 7.x-1.6
storage_api_project storage_api 7.x-1.0
storage_api_project storage_api 7.x-1.3