Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2020-13677 - log back

CVE-2020-13677 edited at 21 Sep 2021 11:38:15

Severity

-	Unknown
+	High

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Access restriction bypass

Description

+	Under some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass.
+
+	Sites that do not have the JSON:API module enabled are not affected.

References

+	https://www.drupal.org/sa-core-2021-010

Notes

CVE-2020-13677 created at 21 Sep 2021 11:34:35