MidnightBSD

Advisories for twilio_project

CVE-2014-9023 MEDIUM

The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly restrict access to the Twilio administration pages, which allows remote authenticated users to read and modify authentication tokens by leveraging the "access administration pages" Drupal permission.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
twilio_project twilio 7.x-1.1
twilio_project twilio 7.x-1.2
twilio_project twilio 7.x-1.9
twilio_project twilio 7.x-1.4
twilio_project twilio 7.x-1.6
twilio_project twilio 7.x-1.5
twilio_project twilio 7.x-1.8