Incorrect Authorization Vulnerability in Drupal Pages Restriction Access
CVE-2024-13302

Currently unrated

Key Information:

Vendor: Drupal
Vendor: CVE Published:; 9 January 2025

Summary

An incorrect authorization vulnerability in the Pages Restriction Access module for Drupal allows attackers to bypass access control and perform forceful browsing. This flaw affects versions 2.0.0 up to 2.0.2, potentially exposing sensitive content to unauthorized users. Administrators are urged to update to the latest version to mitigate this risk.

References

https://www.drupal.org/sa-contrib-2024-068

Timeline

Vulnerability published
Jan 9, 2025