Drupal core - Moderately critical - Access Bypass - SA-CORE-2021-010
|
System information
|
| |
|
|
Affected software |
Drupal |
Description
|
Project: Drupal coreDate: 2021-September-15Security risk: Moderately critical 12∕25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Access BypassCVE IDs: CVE-2020-13677Description: Under some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass.Sites that do not have the JSON:API module enabled are not affected.This advisory is not covered by Drupal Steward.Solution:
More info:
https://www.drupal.org/sa-core-2021-010 |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2020-13677. |
