Vulnerability Details CVE-2015-7305
The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to fields, which allows remote attackers to obtain sensitive atom property information via vectors involving a "debug context."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.6%
CVSS Severity
CVSS v2 Score 5.0
Products affected by CVE-2015-7305
-
cpe:2.3:a:ows:scald:7.x-1.0
-
cpe:2.3:a:ows:scald:7.x-1.1
-
cpe:2.3:a:ows:scald:7.x-1.2
-
cpe:2.3:a:ows:scald:7.x-1.3
-
cpe:2.3:a:ows:scald:7.x-1.4