FileField Sources Module File Permission Vulnerability

FileField Sources Module File Permission Vulnerability

CVE-2013-4502 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The FileField Sources module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.9 for Drupal does not properly check file permissions, which allows remote authenticated users to read arbitrary files by attaching a file.

Learn more about our User Device Pen Test.