CVE-2024-13255 | HackTesting

Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing.This issue affects RESTful Web Services: from 7.X-2.0 before 7.X-2.10.

Credits

Fran Garcia-Linares

Neil Drumm

Fran Garcia-Linares

Neil Drumm

References

https://www.drupal.org/sa-contrib-2024-019