2009-11-20 19:00:00
mitre
PUBLISHED
The Web Services module 6.x for Drupal does not perform the expected access control, which allows remote attackers to make unspecified use of an API via unknown vectors.