Vulnerabilities > CVE-2016-20007 - Insufficient Session Expiration vulnerability in Rest/Json Project Rest/Json
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |