Unrated severityNVD Advisory· Published Aug 21, 2013· Updated Apr 29, 2026
CVE-2013-4230
CVE-2013-4230
Description
The mm_webform submodule in the Monster Menus module 6.x-6.x before 6.x-6.61 and 7.x-1.x before 7.x-1.13 for Drupal does not properly restrict access to webform submissions, which allows remote authenticated users with the "Who can read data submitted to this webform" permission to delete arbitrary submissions via unspecified vectors.
Affected products
41cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.19:*:*:*:*:*:*:*+ 40 more
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.19:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.22:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.23:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.24:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.25:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.26:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.27:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.29:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.30:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.31:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.32:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.33:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.34:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.35:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.36:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.37:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.38:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.41:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.42:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.43:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.44:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.48:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.53:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.56:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.57:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.59:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:6.x-6.60:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.0:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.1:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.10:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.11:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.12:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.2:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.3:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.4:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.5:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.6:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.7:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.8:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.9:*:*:*:*:*:*:*
- cpe:2.3:a:monster_menus_project:monster_menus:7.x-1.x:dev:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- drupal.org/node/2059805nvdPatch
- drupal.org/node/2059807nvdPatch
- secunia.com/advisories/54391nvdVendor Advisory
- drupal.org/node/2059823nvdVendor Advisory
- www.openwall.com/lists/oss-security/2013/08/10/1nvd
- www.securityfocus.com/bid/61711nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/86326nvd
News mentions
0No linked articles in our index yet.