-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security

Vulnerability Details

Registries

Custom Views

Weaknesses

Attack Patterns

Filters & Tools

freelinking_project

Source -

NVD

BOS Name -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

2

Related CVEs Related Products Related Assigners Reports

2Vulnerabilities found

Assigner-Drupal.org

Assigner-Drupal.org

CVSS Score-4.3||MEDIUM

EPSS-0.06% / 16.95%

||

7 Day CHG~0.00%

Published-09 Jan, 2025 | 19:19

Updated-27 Aug, 2025 | 19:27

Rejected-Not Available

Known To Be Used In Ransomware Campaigns?-Not Available

KEV Added-Not Available

KEV Action Due Date-Not Available

Freelinking - Moderately critical - Information Disclosure - SA-CONTRIB-2024-034

Incorrect Authorization vulnerability in Drupal Freelinking allows Forceful Browsing.This issue affects Freelinking: from 0.0.0 before 4.0.1.

Action-Not Available

Vendor-freelinking_project The Drupal Association

Product-freelinking Freelinking

CWE ID-CWE-863

Incorrect Authorization

Assigner-MITRE Corporation

Assigner-MITRE Corporation

CVSS Score-4.3||MEDIUM

EPSS-0.21% / 43.97%

||

7 Day CHG~0.00%

Published-06 Aug, 2014 | 18:00

Updated-12 Apr, 2025 | 10:46

Rejected-Not Available

Known To Be Used In Ransomware Campaigns?-Not Available

KEV Added-Not Available

KEV Action Due Date-Not Available

The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not properly check access permissions for (1) nodes or (2) users, which allows remote attackers to obtain sensitive information via a crafted link.

Action-Not Available

Vendor-freelinking_for_case_tracker_project freelinking_project n/a

Product-freelinking_for_case_tracker freelinking n/a