VYPR
Unrated severityNVD Advisory· Published Aug 18, 2015· Updated Jun 17, 2026

CVE-2015-5502

CVE-2015-5502

Description

The Storage API module 7.x-1.x before 7.x-1.8 for Drupal does not properly restrict access to Storage API fields attached to entities that are not nodes, which allows remote attackers to have unspecified impact via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:a:storage_api_project:storage_api:7.x-1.0:*:*:*:*:drupal:*:*+ 7 more
    • cpe:2.3:a:storage_api_project:storage_api:7.x-1.0:*:*:*:*:drupal:*:*
    • cpe:2.3:a:storage_api_project:storage_api:7.x-1.1:*:*:*:*:drupal:*:*
    • cpe:2.3:a:storage_api_project:storage_api:7.x-1.2:*:*:*:*:drupal:*:*
    • cpe:2.3:a:storage_api_project:storage_api:7.x-1.3:*:*:*:*:drupal:*:*
    • cpe:2.3:a:storage_api_project:storage_api:7.x-1.4:*:*:*:*:drupal:*:*
    • cpe:2.3:a:storage_api_project:storage_api:7.x-1.5:*:*:*:*:drupal:*:*
    • cpe:2.3:a:storage_api_project:storage_api:7.x-1.6:*:*:*:*:drupal:*:*
    • cpe:2.3:a:storage_api_project:storage_api:7.x-1.7:*:*:*:*:drupal:*:*
  • Range: <7.x-1.8

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.