logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2017-6919

Description

Drupal 8 before 8.2.8 and 8.3 before 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests. #### Notes Author| Note ---|--- [ratliff](<https://launchpad.net/~ratliff>) | Upstream: "Drupal 7.x is not affected."


Related