Description

Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly."

Remediation

References

CVE-2005-1871

Related Vulnerabilities

Jenkins Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165)

WordPress Plugin Category Grid View Gallery Cross-Site Scripting (2.3.3)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2033)

Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-65961)

WordPress Plugin Vodpod Video Gallery 'gid' Parameter Cross-Site Scripting (3.1.5)

Severity

High

Classification

CVE-2005-1871

Tags

Missing Update Known Vulnerabilities