Drupal · Content Entity Clone · CVE-2024-13271
**Name of the Vulnerable Software and Affected Versions**
Content Entity Clone versions 0.0.0 through 1.0.4
**Description**
The issue is related to incorrect authorization in the Content Entity Clone module for Drupal, allowing forceful browsing. This can enable a remote attacker to disclose protected information.
**Recommendations**
For versions 0.0.0 through 1.0.4, update to a version newer than 1.0.4 to resolve the issue.
As a temporary workaround, consider restricting access to the Content Entity Clone module until a patch is available.