Project: Universally Unique IDentifier
Security risk: *Moderately critical* 12∕25
Vulnerability: Arbitrary file upload
This module provides an API for adding universally unique identifiers (UUID)
to Drupal objects, most notably entities.
The module module has an arbitrary file upload vulnerability when it's used
in combination with the services REST server.
This vulnerability is mitigated by the fact that an attacker must have a role
with the permission to allow to upload to the file create REST endpoint.