The Chaos Tool Suite (ctools) module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict node access, which allows remote authenticated users with the "access content" permission to read. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
Privilege Escalation
Ctools
NVD
CVSS 2.0
3.5
EPSS
0.4%
The printer friendly version functionality in the Book module in Drupal 6.x before 6.28 and 7.x before 7.19 does not properly restrict access to node that are part of a book outline, which allows. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.
Privilege Escalation
Drupal
NVD
CVSS 2.0
2.1
EPSS
0.4%