Entityform Block Project : Security Vulnerabilities, CVEs,
The Entityform Block module 7.x-1.x before 7.x-1.3 for Drupal does not properly check permissions when a form is locked to a role, which allows remote attackers to obtain access to certain entityforms via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.29%
Published
2015-08-18
Updated
2015-08-20
1 vulnerabilities found