A critical vulnerability in Drupal’s RESTful Web Services

Advisory No: TZCERT/SA/2024/05/17-4

Date of First Release: 17th May 2024

Source: Drupal

Software Affected: RESTful Web Services

Overview:

A Drupal plugin, RESTful Web Services, is affected by a critical vulnerability. Attackers can leverage the vulnerability to bypass access controls.

Description:

RESTful Web Services in Drupal CMS is affected by a critical vulnerability caused by insufficient access restriction for user resources. Attackers can exploit the vulnerability to gain escalated privileges.

Impact:

Successful exploitation of this vulnerability may allow an attacker to gain escalated privileges.

Solution:

Drupal has released a security patch for this vulnerability. Users and administrators are encouraged to apply the necessary updates.

References:

  1. https://www.drupal.org/sa-contrib-2024-019
