Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.3 and 7.x-2.x before 7.x-2.0-alpha5 for Drupal, when page caching is enabled and anonymous users are assigned RESTWS permissions, allows remote attackers to cause a denial of service via a GET request with an HTTP Accept header set to a non-HTML type, which can "interfere with Drupal's page cache."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal RESTful Web Services模块输入验证错误漏洞
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。RESTful Web Services(RESTWS,又名RESTful Web API)是其中的一个使用HTTP并遵循REST原则的Web服务模块。 Drupal RESTWS模块7.x-1.3之前的7.x-1.x版本和7.x-2.0-alpha5之前的7.x-2.x版本中存在安全漏洞,该漏洞源于程序没有正确处理non-HTML页面响应。远程攻击者可利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A