Payment
1 CVEs
product
Monthly
The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to payments, which allows remote attackers to read arbitrary payments. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
Privilege Escalation
Payment
NVD
CVSS 2.0
5.0
EPSS
0.5%
EPSS 0%
CVSS 5.0
MEDIUM
PATCH
This Month
The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to payments, which allows remote attackers to read arbitrary payments. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
Privilege Escalation
Payment
NVD