Back to search
CVE-2013-1946
Published: Apr 6, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.3 and 7.x-2.x before 7.x-2.0-alpha5 for Drupal, when page caching is enabled and anonymous users are assigned RESTWS permissions, allows remote attackers to cause a denial of service via a GET request with an HTTP Accept header set to a non-HTML type, which can "interfere with Drupal's page cache."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
92259
vdb-entry
x_refsource_OSVDB
https://drupal.org/node/1966758
x_refsource_CONFIRM
https://drupal.org/node/1966752
x_refsource_CONFIRM
https://drupal.org/node/1966780
x_refsource_MISC
[oss-security] 20130412 Re: CVE request for Drupal contributed modules
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now