CVE-2014-1399

Name of the Vulnerable Software and Affected Versions Entity API module versions 7.x-1.x before 7.x-1.3

Description The issue concerns the entity wrapper access API in the Entity API module for Drupal, which might allow remote authenticated users to bypass intended access restrictions on referenced entities.

Recommendations For Entity API module versions 7.x-1.x before 7.x-1.3, update to version 7.x-1.3 or later to resolve the issue.