Home

Description

Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing.This issue affects RESTful Web Services: from 7.X-2.0 before 7.X-2.10.

PUBLISHED Reserved 2025-01-09 | Published 2025-01-09 | Updated 2025-01-10 | Assigner drupal

Problem types

CWE-202 Exposure of Sensitive Information Through Data Queries

Product status

Default status
unaffected

7.x-2.0 (custom) before 7.x-2.10
affected

Credits

Fran Garcia-Linares finder

Neil Drumm remediation developer

Fran Garcia-Linares remediation developer

Neil Drumm coordinator

References

www.drupal.org/sa-contrib-2024-019

cve.org (CVE-2024-13255)

nvd.nist.gov (CVE-2024-13255)

Download JSON