This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Detail | |||
---|---|---|---|
Vendor | Twilio Project | First view | 2014-11-20 |
Product | Twilio | Last view | 2014-11-20 |
Version | 7.x-1.8 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | drupal | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:twilio_project:twilio |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
5.5 | 2014-11-20 | CVE-2014-9023 | The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly restrict access to the Twilio administration pages, which allows remote authenticated users to read and modify authentication tokens by leveraging the "access administration pages" Drupal permission. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-264 | Permissions, Privileges, and Access Controls |