Entityform Block Project: Security Vulnerabilities
The Entityform Block module 7.x-1.x before 7.x-1.3 for Drupal does not properly check permissions when a form is locked to a role, which allows remote attackers to obtain access to certain entityforms via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.002
Published
2015-08-18