VYPR
Unrated severityNVD Advisory· Published Nov 20, 2014· Updated Jun 17, 2026

CVE-2014-9023

CVE-2014-9023

Description

The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly restrict access to the Twilio administration pages, which allows remote authenticated users to read and modify authentication tokens by leveraging the "access administration pages" Drupal permission.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:twilio_project:twilio:7.x-1.1:*:*:*:*:drupal:*:*+ 6 more
    • cpe:2.3:a:twilio_project:twilio:7.x-1.1:*:*:*:*:drupal:*:*
    • cpe:2.3:a:twilio_project:twilio:7.x-1.2:*:*:*:*:drupal:*:*
    • cpe:2.3:a:twilio_project:twilio:7.x-1.4:*:*:*:*:drupal:*:*
    • cpe:2.3:a:twilio_project:twilio:7.x-1.5:*:*:*:*:drupal:*:*
    • cpe:2.3:a:twilio_project:twilio:7.x-1.6:*:*:*:*:drupal:*:*
    • cpe:2.3:a:twilio_project:twilio:7.x-1.8:*:*:*:*:drupal:*:*
    • cpe:2.3:a:twilio_project:twilio:7.x-1.9:*:*:*:*:drupal:*:*
  • Drupal/Twiliollm-create
    Range: <7.x-1.9

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.