Unrated severityNVD Advisory· Published Nov 20, 2014· Updated Jun 17, 2026
CVE-2014-9023
CVE-2014-9023
Description
The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly restrict access to the Twilio administration pages, which allows remote authenticated users to read and modify authentication tokens by leveraging the "access administration pages" Drupal permission.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:twilio_project:twilio:7.x-1.1:*:*:*:*:drupal:*:*+ 6 more
- cpe:2.3:a:twilio_project:twilio:7.x-1.1:*:*:*:*:drupal:*:*
- cpe:2.3:a:twilio_project:twilio:7.x-1.2:*:*:*:*:drupal:*:*
- cpe:2.3:a:twilio_project:twilio:7.x-1.4:*:*:*:*:drupal:*:*
- cpe:2.3:a:twilio_project:twilio:7.x-1.5:*:*:*:*:drupal:*:*
- cpe:2.3:a:twilio_project:twilio:7.x-1.6:*:*:*:*:drupal:*:*
- cpe:2.3:a:twilio_project:twilio:7.x-1.8:*:*:*:*:drupal:*:*
- cpe:2.3:a:twilio_project:twilio:7.x-1.9:*:*:*:*:drupal:*:*
Patches
Vulnerability mechanics
References
2- www.drupal.org/node/2337623nvdVendor Advisory
- www.drupal.org/node/2344363nvdVendor Advisory
News mentions
0No linked articles in our index yet.