Skip to main content

Token Insert Entity

1 CVEs product

Monthly

CVE-2015-8602 LOW PATCH Monitor

The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote authenticated users with certain permissions to bypass intended access. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Token Insert Entity
NVD
CVSS 2.0
3.5
EPSS
0.1%
EPSS 0% CVSS 3.5
LOW PATCH Monitor

The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote authenticated users with certain permissions to bypass intended access. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Token Insert Entity
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy