3 matches found
CVE-2015-7228
The CVE-2015-7228 issue affects Drupal’s RESTful module (7.x-1.x) prior to 7.x-1.3. The vulnerability arises because the RESTful module does not properly cache pages for authenticated users when using non-cookie authentication providers, which can allow remote attackers to obtain sensitive inform...
CVE-2015-7228
The RESTful module 7.x-1.x before 7.x-1.3 for Drupal does not properly cache pages of authenticated users when using non-cookie authentication providers, which allows remote attackers to obtain sensitive information via unspecified vectors...
RESTful - Moderately Critical - Access bypass - SA-CONTRIB-2015-147
This module enables you to expose your Drupal backend by generating a RESTful API. The module doesn't sufficiently account for core's page cache generation for anonymous users, when using non-cookie authentication providers. Authenticated users, via one of the authentication providers, can have...