CVE-2014-9023

MEDIUM(5.5)

AV:N/AC:L/Au:S/C:P/I:P/A:N

Risk Signal Score14/100 — NIEDRIG

CVSS 5.5 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

5.5

Technische Schwere

Beschreibung

The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly restrict access to the Twilio administration pages, which allows remote authenticated users to read and modify authentication tokens by leveraging the "access administration pages" Drupal permission.

Referenzen

https://www.drupal.org/node/2337623
https://www.drupal.org/node/2344363
https://www.drupal.org/node/2337623
https://www.drupal.org/node/2344363