MidnightBSD

Advisories for web_component_roles_project

CVE-2014-9022 MEDIUM

The Webform Component Roles module 6.x-1.x before 6.x-1.8 and 7.x-1.x before 7.x-1.8 for Drupal allows remote attackers to bypass the "disabled" restriction and modify read-only components via a crafted form.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
web_component_roles_project web_component_roles 7.x-1.2
web_component_roles_project web_component_roles 7.x-1.4
web_component_roles_project web_component_roles 7.x-1.7
web_component_roles_project web_component_roles 6.x-1.5
web_component_roles_project web_component_roles 7.x-1.0
web_component_roles_project web_component_roles 7.x-1.3
web_component_roles_project web_component_roles 7.x-1.6
web_component_roles_project web_component_roles 6.x-1.6
web_component_roles_project web_component_roles 7.x-1.5
web_component_roles_project web_component_roles 7.x-1.1