CVE Vulnerabilities

CVE-2013-4406

Published: May 19, 2014 | Modified: May 19, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Quick Tabs module 6.x-2.x before 6.x-2.2, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.6 for Drupal does not properly check block permissions, which allows remote attackers to obtain sensitive information by reading a Quick Tab.

Affected Software

Name Vendor Start Version End Version
Quicktabs Quick_tabs_module_project 6.x-3.0 (including) 6.x-3.0 (including)
Quicktabs Quick_tabs_module_project 6.x-3.0-beta1 (including) 6.x-3.0-beta1 (including)
Quicktabs Quick_tabs_module_project 6.x-3.0-beta2 (including) 6.x-3.0-beta2 (including)
Quicktabs Quick_tabs_module_project 6.x-3.1 (including) 6.x-3.1 (including)
Quicktabs Quick_tabs_module_project 6.x-3.x-dev (including) 6.x-3.x-dev (including)

References