Vulnerabilities > CVE-2015-7228 - Access Bypass vulnerability in Restful Project Restful 7.X1.0/7.X1.1/7.X1.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The RESTful module 7.x-1.x before 7.x-1.3 for Drupal does not properly cache pages of authenticated users when using non-cookie authentication providers, which allows remote attackers to obtain sensitive information via unspecified vectors. <a href="https://cwe.mitre.org/data/definitions/524.html">CWE-524: Information Exposure Through Caching </a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |