Vulnerability Details CVE-2015-7875
ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal does not verify the "edit" permission for the "content type" plugins that are used on Panels and similar systems to place content and functionality on a page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2015-7875
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.0
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.1
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.11
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.12
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.13
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.2
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.3
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.4
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.5
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.6
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.7
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.8
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.9
-
cpe:2.3:a:chaos_tool_suite_project:ctools:6.x-1.x
-
cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.0
-
cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.1
-
cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.2
-
cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.3
-
cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.4
-
cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.5
-
cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.6
-
cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.7
-
cpe:2.3:a:chaos_tool_suite_project:ctools:7.x-1.x