CVE-2015-4375 in Chaos Tool Suiteالمعلومات

الملخص

بحسب MITRE

The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access query tag or (2) leveraging knowledge of the ID of an entity.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

حجز

05/06/2015

إفشاء

15/06/2015

الاعتدال

تمت الموافقة

إدخال

VDB-75924

EPSS

0.01228

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you need the next level of professionalism?

Upgrade your account now!