Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2013-1925

The Chaos Tool Suite (ctools) module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict node access, which allows remote authenticated users with the "access content" permission to read restricted node titles via an autocomplete list.

  • Published: Jul 16, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-1925
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 3.5
  • AV:N/AC:M/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
chaos_tool_suite_project / ctools 7.x-1.0-beta1 7.x-1.0-beta1.x
chaos_tool_suite_project / ctools 7.x-1.0 7.x-1.0.x
chaos_tool_suite_project / ctools 7.x-1.1 7.x-1.1.x
chaos_tool_suite_project / ctools 7.x-1.0-rc1 7.x-1.0-rc1.x
chaos_tool_suite_project / ctools 7.x-1.0-alpha1 7.x-1.0-alpha1.x
chaos_tool_suite_project / ctools 7.x-1.x-dev 7.x-1.x-dev.x
chaos_tool_suite_project / ctools 7.x-1.0-alpha2 7.x-1.0-alpha2.x
chaos_tool_suite_project / ctools 7.x-1.0-alpha3 7.x-1.0-alpha3.x
chaos_tool_suite_project / ctools 7.x-1.2 7.x-1.2.x
chaos_tool_suite_project / ctools 7.x-1.0-rc2 7.x-1.0-rc2.x
chaos_tool_suite_project / ctools 7.x-1.0-alpha4 7.x-1.0-alpha4.x