Drupal · Open Social · CVE-2024-13240
**Name of the Vulnerable Software and Affected Versions**
Open Social versions 0.0.0 through 12.04
**Description**
The issue is related to improper access control in Drupal Open Social, allowing the collection of data from common resource locations. This can be exploited by a remote attacker to bypass security restrictions.
**Recommendations**
For Open Social versions 0.0.0 through 12.04, update to a version later than 12.04 to resolve the issue.
At the moment, there is no information about additional mitigation measures for this specific vulnerability.