← volver
CVE-2015-4375

CVE-2015-4375

EPSS 1.2%
The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access query tag or (2) leveraging knowledge of the ID of an entity.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.drupal.org/node/2454883https://www.drupal.org/node/2454909http://www.openwall.com/lists/oss-security/2015/03/22/35http://www.openwall.com/lists/oss-security/2015/04/25/6