3.5
CVE-2015-7229
- EPSS 0.98%
- Veröffentlicht 17.09.2015 16:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe Twitter module 6.x-5.x before 6.x-5.2, 7.x-5.x before 7.x-5.9, and 7.x-6.x before 7.x-6.0 for Drupal does not properly check access permissions, which allows remote authenticated users to post tweets to arbitrary accounts by leveraging the (1) "post to twitter" permission or change the options for arbitrary attached accounts by leveraging the (2) "add twitter accounts" or (3) "add authenticated twitter accounts" permission.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Twitter Project ≫ Twitter Version6.x-5.0 SwPlatformdrupal
Twitter Project ≫ Twitter Version6.x-5.1 SwPlatformdrupal
Twitter Project ≫ Twitter Version6.x-5.x Updatedev SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-5.0 SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-5.1 SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-5.2 SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-5.3 SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-5.4 SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-5.5 SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-5.6 SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-5.7 SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-5.8 SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-6.0 Updatealpha1 SwPlatformdrupal
Twitter Project ≫ Twitter Version7.x-6.0 Updatealpha2 SwPlatformdrupal
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.98% | 0.576 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.5 | 6.8 | 2.9 |
AV:N/AC:M/Au:S/C:N/I:P/A:N
|
https://www.drupal.org/node/2559981
https://www.drupal.org/node/2559985
https://www.drupal.org/node/2559989
https://www.drupal.org/node/2565827