Security Advisory

CVE-2020-13677

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-11 15:55:12

Last updated 2024-08-04 12:25:16

Assigner drupal

State PUBLISHED

Description

Under some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass. Sites that do not have the JSON:API module enabled are not affected.

← Browse all CVEs View on cve.org ↗