PT-2024-10129 · Drupal · Drupal Rest Views

Benji Fisher +3 · Published 2024-04-24 · Updated 2025-01-10 · CVE-2024-13254

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Drupal REST Views versions 0.0.0 through 3.0.1

Description

The issue is related to the insertion of sensitive information into sent data, allowing forceful browsing. This can enable a remote attacker to gain unauthorized access to protected information. The vulnerability is associated with insufficient protection of service data.

Recommendations

For versions 0.0.0 through 3.0.1, update to version 3.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the REST Views module to minimize the risk of exploitation.

Related Identifiers

BDU:2025-00386
CVE-2024-13254
DRUPAL-CONTRIB-2024-018

Affected Products

Drupal Rest Views