Project: 
Date: 
2018-February-14
Vulnerability: 
Information Disclosure
Description: 

The Entity API module extends the entity API of Drupal core in order to provide a unified way to deal with entities and their properties.

The module prints debugging information to the HTML output in certain error conditions thereby causing an information disclosure vulnerability.

This vulnerability is mitigated by the fact that an attacker needs to be able to trigger the error condition in a way that protected data is exposed.

Solution: 

Install the latest version:

Reported By: 
Coordinated By: