Description

The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors.

Remediation

References

CVE-2008-2771

Related Vulnerabilities

WordPress Plugin MemberSonic Lite Security Bypass (1.2)

Python Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2019-9740)

WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Multiple Cross-Site Scripting Vulnerabilities (1.30)

OpenSSL Cryptographic Issues Vulnerability (CVE-2015-0205)

WordPress Plugin Google Analytics Dashboard Plugin for WordPress by MonsterInsights 404 Error Page Cross-Site Scripting (3.2.4)

Severity

Medium

Classification

CVE-2008-2771 CWE-264

Tags

Missing Update Known Vulnerabilities