CVE-2015-7227

The Fieldable Panels Panes module 7.x-1.x before 7.x-1.7 for Drupal does not properly check permissions to edit Fieldable Panels Panes entities, which allows remote authenticated users to edit panes by leveraging permissions to edit panels.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
VendorProductVersion
fieldable_panels_panes_projectfieldable_panels_panes
7.x-1.0:x
fieldable_panels_panes_projectfieldable_panels_panes
7.x-1.0:x
fieldable_panels_panes_projectfieldable_panels_panes
7.x-1.1:x
fieldable_panels_panes_projectfieldable_panels_panes
7.x-1.2:x
fieldable_panels_panes_projectfieldable_panels_panes
7.x-1.3:x
fieldable_panels_panes_projectfieldable_panels_panes
7.x-1.4:x
fieldable_panels_panes_projectfieldable_panels_panes
7.x-1.5:x
fieldable_panels_panes_projectfieldable_panels_panes
7.x-1.6:x
fieldable_panels_panes_projectfieldable_panels_panes
7.x-1.x:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.drupal.org/node/2561971
https://www.drupal.org/node/2561981
https://www.drupal.org/node/2561971
https://www.drupal.org/node/2561981