Apigee Edge - Moderately critical - Access bypass - SA-CONTRIB-2022-045
May 25, 2022
Project: Apigee Edge Date: 2022-May-25 Security risk: Moderately critical 13∕25 Vulnerability: Access bypass
The Apigee Edge module allows connecting a Drupal site to Apigee X / Edge in order to build a developer portal. The developers (user) can view API keys for their respective Apps.
The module discloses information by allowing attackers to view cached information of API Keys from the browser cache for a limited time frame after the user login on the same computer.