Skip to main content

Filefield Sources

2 CVEs product

Monthly

CVE-2013-4502 MEDIUM PATCH This Month

The FileField Sources module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.9 for Drupal does not properly check file permissions, which allows remote authenticated users to read arbitrary files by. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Filefield Sources
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2012-5538 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the FileField Sources module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.6 for Drupal, when the field has "Reference existing" source enabled, allows. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Filefield Sources
NVD
CVSS 2.0
2.1
EPSS
0.2%
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

The FileField Sources module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.9 for Drupal does not properly check file permissions, which allows remote authenticated users to read arbitrary files by. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Filefield Sources
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the FileField Sources module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.6 for Drupal, when the field has "Reference existing" source enabled, allows. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Filefield Sources
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy