cvedb.io
CVE-2015-4375
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2015-06-15T14:59:32.763 · Last modified 2026-06-17T00:27:11.277

Summary

The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access query tag or (2) leveraging knowledge of the ID of an entity.

Affected products

chaos_tool_suite_project — ctools

Does this affect you?

Add your gear to cvedb and we'll alert you only when chaos_tool_suite_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.