Drupal · Drupal Responsive/Off-Canvas Menu · CVE-2024-13266
**Name of the Vulnerable Software and Affected Versions**
Drupal Responsive and off-canvas menu versions 0.0.0 through 4.4.3
**Description**
The issue is related to an Incorrect Authorization vulnerability in the Drupal Responsive and off-canvas menu, which allows for Forceful Browsing. This means that a remote attacker can bypass security restrictions and perform unauthorized actions.
**Recommendations**
For versions 0.0.0 through 4.4.3, update to version 4.4.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the menu module to minimize the risk of exploitation.