Install

Works with Drupal: 7.x

Using Composer to manage Drupal site dependencies

Downloads

Download fate-7.x-1.1.tar.gztar.gz 11.94 KB
MD5: 64399e33d56dde1a838e2a6ec3376cfc
SHA-1: 7428225ca04fda7669d53d4ef5a97de4f89aecd1
SHA-256: ed5db702647579f49f67a5e12c55f2117938634f339024fc1f03c7544417995f
Download fate-7.x-1.1.zipzip 13.34 KB
MD5: 02566b4be1cb081661cfc3230bc992db
SHA-1: 66382727d27ad374defea1a8e0d1a44dd74c6342
SHA-256: 2ddddd305f4d98cbf16eb3e5be3880626ddc692e9f6c2c10e7a79537fd4fbcd4

Release notes

This resolves a critical security flaw that allows anonymous visitors, and any authenticated users who would not normally have access to edit the entity, to edit any fields that are enabled via this module. The problem is mitigated by the fact that fields must have the custom edit page specifically enabled, it is not automatic. Updating to this release is critically important to avoid a possible security breach when using this module.

SA-CONTRIB-2014-053 - Field API Tab Editor (FATE) - Access bypass

Created by: DamienMcKenna
Created on: 14 May 2014 at 16:22 UTC
Last updated: 19 Apr 2016 at 13:29 UTC
Security update

Other releases