Shipwire Api Project » Shipwire Api : Security Vulnerabilities, CVEs,
The Shipwire API module 7.x-1.x before 7.x-1.03 for Drupal does not check the view permission for the shipments overview (admin/shipwire/shipments), which allows remote attackers to obtain sensitive information via a request to the page.
Max CVSS
5.0
EPSS Score
0.33%
Published
2015-08-18
Updated
2015-09-03
1 vulnerabilities found