Unrated severityNVD Advisory· Published May 19, 2014· Updated Jun 16, 2026

CVE-2013-4406

Description

The Quick Tabs module 6.x-2.x before 6.x-2.2, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.6 for Drupal does not properly check block permissions, which allows remote attackers to obtain sensitive information by reading a Quick Tab.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Quick Tabs Module Project/Quicktabs25 versions
cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-2.0:-:*:*:*:drupal:*:*+ 24 more
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-2.0:-:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-2.0:rc1:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-2.0:rc2:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-2.0:rc3:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-2.0:rc4:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-2.0:rc5:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-2.1:*:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-2.x:dev:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-3.0:beta1:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-3.0:beta2:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-3.0:-:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-3.1:*:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:6.x-3.x:dev:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.0:alpha1:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.0:alpha2:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.0:beta1:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.0:beta2:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.0:beta3:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.0:-:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.1:*:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.2:*:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.3:*:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.4:*:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.5:*:*:*:*:drupal:*:*
- cpe:2.3:a:quick_tabs_module_project:quicktabs:7.x-3.x:dev:*:*:*:drupal:*:*
Drupal/Quick Tabsllm-fuzzy
Range: <6.x-2.2, <6.x-3.2, <7.x-3.6

Patches

Vulnerability mechanics

References

drupal.org/node/2103113nvdPatch
drupal.org/node/2103121nvdPatch
drupal.org/node/2103127nvdPatch
drupal.org/node/2103187nvdPatchVendor Advisory
www.openwall.com/lists/oss-security/2013/10/04/14nvd
www.openwall.com/lists/oss-security/2013/10/05/1nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000