Drupal · Drupal Core Json:Api Module · CVE-2020-13677
**Name of the Vulnerable Software and Affected Versions**
Drupal core JSON:API module (affected versions not specified)
**Description**
The issue arises when the Drupal core JSON:API module fails to properly restrict access to certain content under specific circumstances, potentially leading to unintended access bypass. It is noted that sites without the JSON:API module enabled are not affected.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.