Unrated severityNVD Advisory· Published Sep 17, 2015· Updated Jun 17, 2026
CVE-2015-7229
CVE-2015-7229
Description
The Twitter module 6.x-5.x before 6.x-5.2, 7.x-5.x before 7.x-5.9, and 7.x-6.x before 7.x-6.0 for Drupal does not properly check access permissions, which allows remote authenticated users to post tweets to arbitrary accounts by leveraging the (1) "post to twitter" permission or change the options for arbitrary attached accounts by leveraging the (2) "add twitter accounts" or (3) "add authenticated twitter accounts" permission.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:twitter_project:twitter:6.x-5.0:*:*:*:*:drupal:*:*+ 13 more
- cpe:2.3:a:twitter_project:twitter:6.x-5.0:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:6.x-5.1:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:6.x-5.x:dev:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-5.0:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-5.1:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-5.2:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-5.3:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-5.4:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-5.5:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-5.6:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-5.7:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-5.8:*:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-6.0:alpha1:*:*:*:drupal:*:*
- cpe:2.3:a:twitter_project:twitter:7.x-6.0:alpha2:*:*:*:drupal:*:*
Patches
Vulnerability mechanics
References
4- www.drupal.org/node/2559981nvdPatch
- www.drupal.org/node/2559985nvdPatch
- www.drupal.org/node/2559989nvdPatch
- www.drupal.org/node/2565827nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.