2 matches found
CVE-2014-9023
Summary (CVE-2014-9023): The Drupal Twilio module (7.x-1.x, affected versions prior to 7.x-1.9) exposes authentication tokens because access to the Twilio administration pages is not properly restricted. Remote authenticated users with the Drupal permission “access administration pages” can read ...
SA-CONTRIB-2014-093 - Twilio - Information Disclosure
This module enables you to easily add SMS and VOIP functionality to your website by leveraging the Twilio cloud Voip and SMS service. The module doesn't expose its own permissions for administration including viewing and editing the Twilio authentication tokens. It relies only on "access...