Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access query tag or (2) leveraging knowledge of the ID of an entity.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Chaos tool suite模块信息泄露漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。Chaos tool suite(ctools)是其中的一个用于改进开发体验的API模块。 Drupal Chaos tool suite模块7.x-1.7之前7.x-1.x版本中存在安全漏洞。远程攻击者可借助自定义实体(没有访问查询标签)的自动完成搜索功能或已知的实体ID,利用该漏洞获取敏感的节点标题。
CVSS Information
N/A
Vulnerability Type
N/A