Vulnerabilities > Entity Reference Project

DATE CVE VULNERABILITY TITLE RISK
2014-04-29 CVE-2013-7066 Permissions, Privileges, and Access Controls vulnerability in Entity Reference Project Entityreference 7.X1.0/7.X1.X
The Entity reference module 7.x-1.x before 7.x-1.1-rc1 for Drupal allows remote attackers to read private nodes titles by leveraging edit permissions to a node that references a private node.
4.3