Drupal Services Module Access Bypass and Information Disclosure Vulnerabilities

The Services module for Drupal is prone to an access-bypass vulnerability and an information-disclosure vulnerability.

An attacker can leverage these issues to bypass certain security restrictions and gain access to sensitive information. Other attacks are possible.

Services 7.x-3.0 to 7.x-3.11 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus