CVE Vulnerabilities

CVE-2024-13255

Exposure of Sensitive Information Through Data Queries

Published: Jan 09, 2025 | Modified: Jun 04, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing.This issue affects RESTful Web Services: from 7.X-2.0 before 7.X-2.10.

Weakness

When trying to keep information confidential, an attacker can often infer some of the information by using statistics.

Affected Software

Name Vendor Start Version End Version
Restful_web_services Restful_web_services_project 7.x-2.0 (including) 7.x-2.10 (excluding)

Potential Mitigations

References