CVE-2009-4044

2009-11-2019:00:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.5%

JSON

The Web Services module 6.x for Drupal does not perform the expected access control, which allows remote attackers to make unspecified use of an API via unknown vectors.

References

drupal.org/node/630244

www.securityfocus.com/bid/37000

www.vupen.com/english/advisories/2009/3218

exchange.xforce.ibmcloud.com/vulnerabilities/54249