Drupal · Drupal Restful Web Services · CVE-2024-13255
**Name of the Vulnerable Software and Affected Versions**
Drupal RESTful Web Services versions 7.X-2.0 through 7.X-2.10
**Description**
The issue is related to errors in processing requests, which can allow a remote attacker to gain unauthorized access to protected information. This problem enables forceful browsing through exposure of sensitive information via data queries.
**Recommendations**
For versions 7.X-2.0 through 7.X-2.10, update to version 7.X-2.10 or later to resolve the issue.
As a temporary workaround, consider restricting access to sensitive data queries until a patch is available.