5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.967 High
EPSS
Percentile
99.7%
This module saves time and disk space by sending requests to your development environment’s files directory to the production environment and making a copy of the production file in your development site.
An attacker could make repeated requests to the server, even over a long period, which would degrade the performance of all file handling and potentially prevent certain file operations.
Drupal core is not affected. If you do not use the contributed Stage File Proxy module, there is nothing you need to do.
Install the latest version:
Also see the Stage File Proxy project page.