RESTful Web Services – Critical – Access bypass – SA-CONTRIB-2024-019

Drupal Security Advisory

Date: 
2024-May-15
Vulnerability: 
Access bypass
Description: 

This module exposes Drupal resources (e.g. entities) as RESTful web services.

The module doesn’t sufficiently restrict access for user resources.

Solution: 

Install the latest version:

Reported By: 
Fixed By: 
Coordinated By: 

READ MORE