Candidate: CVE-2020-13676
PublicDate: 2022-02-11 16:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13676
 https://www.drupal.org/sa-core-2021-009
Description:
 The QuickEdit module does not properly check access to fields in some
 circumstances, which can lead to unintended disclosure of field data. Sites
 are only affected if the QuickEdit module (which comes with the Standard
 profile) is installed.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N [6.5 MEDIUM]


Patches_drupal7:
upstream_drupal7: needs-triage
trusty/esm_drupal7: not-affected (code not present)
trusty_drupal7: ignored (out of standard support)
xenial_drupal7: ignored (out of standard support)