Drupal 8 prior to 8.2.8 and 8.3 prior to 8.3.1 allows critical access bypass by authenticated users if the RESTful Web Services (rest) module is enabled and the site allows PATCH requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drupal drupal 8.3.0 |
||
drupal drupal 8.0.0 |
||
drupal drupal 8.0.1 |
||
drupal drupal 8.1.0 |
||
drupal drupal 8.1.7 |
||
drupal drupal 8.1.8 |
||
drupal drupal 8.2.0 |
||
drupal drupal 8.2.6 |
||
drupal drupal 8.0.2 |
||
drupal drupal 8.0.3 |
||
drupal drupal 8.1.1 |
||
drupal drupal 8.1.9 |
||
drupal drupal 8.1.10 |
||
drupal drupal 8.2.1 |
||
drupal drupal 8.0.4 |
||
drupal drupal 8.0.5 |
||
drupal drupal 8.1.2 |
||
drupal drupal 8.1.3 |
||
drupal drupal 8.2.7 |
||
drupal drupal 8.2.2 |
||
drupal drupal 8.2.3 |
||
drupal drupal 8.0.6 |
||
drupal drupal 8.1.4 |
||
drupal drupal 8.1.5 |
||
drupal drupal 8.1.6 |
||
drupal drupal 8.2.4 |
||
drupal drupal 8.2.5 |