CVE-2024-13258

CVE-2024-13258: Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022

Vendor Drupal

Product Drupal REST & JSON API Authentication

Weakness CWE-863 · Incorrect authorization

Published January 9, 2025

Last update January 10, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST & JSON API Authentication: from 0.0.0 before 2.0.13.

Key dates

Disclosure timeline

January 9, 2025 CVE published

January 10, 2025 Record updated