Description
The Field as Block module 7.x-1.x before 7.x-1.4 for Drupal might allow remote attackers to obtain sensitive field information by reading a cached block.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.drupal.org/node/2603560
Patch x_refsource_confirm
https://www.drupal.org/node/2603420
Scores
EPSS
0.0120
EPSS Percentile
64.4%
Details
CWE
CWE-200
Status
published
Products (4)
field_as_block_project/field_as_block
7.x-1.0
field_as_block_project/field_as_block
7.x-1.1
field_as_block_project/field_as_block
7.x-1.2
field_as_block_project/field_as_block
7.x-1.3
Published
Nov 06, 2015
Tracked Since
Feb 18, 2026