Entityreference
1 CVEs
product
Monthly
The Entity reference module 7.x-1.x before 7.x-1.1-rc1 for Drupal allows remote attackers to read private nodes titles by leveraging edit permissions to a node that references a private node. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
Privilege Escalation
Entityreference
NVD
VulDB
CVSS 2.0
4.3
EPSS
0.2%
EPSS 0%
CVSS 4.3
MEDIUM
PATCH
This Month
The Entity reference module 7.x-1.x before 7.x-1.1-rc1 for Drupal allows remote attackers to read private nodes titles by leveraging edit permissions to a node that references a private node. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
Privilege Escalation
Entityreference
NVD
VulDB