Lucene search

K
nessusThis script is Copyright (C) 2018-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_98556
HistoryNov 05, 2018 - 12:00 a.m.

Drupal 8.3.x < 8.3.1 Access Bypass Vulnerability

2018-11-0500:00:00
This script is Copyright (C) 2018-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8

According to its self-reported version number, the detected Drupal application is affected by an access bypass vulnerability due to an unspecified flaw when the RESTful Web Services (rest) module is enabled and the site allows PATCH requests. An authenticated, remote attacker can exploit this to bypass critical access restrictions.

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.

No source data
VendorProductVersion
adrupaldrupal