2 matches found
CVE-2015-7875
CVE-2015-7875 concerns the Drupal Chaos tool suite (ctools) module. Affected versions: ctools 6.x-1.x prior to 6.x-1.14 and 7.x-1.x prior to 7.x-1.8. The flaw is improper validation of the edit permission for the content type plugin used by Panels and similar systems, allowing a remote authentica...
Ctools - Critical - Multiple Vulnerabilities - SA-CONTRIB-2015-141
Cross Site Scripting XSS Ctools in Drupal 6 provides a number of APIs and extensions for Drupal, and is a dependency for many of the most popular modules, including Views, Panels and Entityreference. Many features introduced in Drupal Core once lived in ctools. This vulnerability can be mitigated...