Description

The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors.

Remediation

References

CVE-2008-2771

Related Vulnerabilities

WordPress 4.5.x Same Origin Method Execution (SOME) Vulnerability (4.5 - 4.5.1)

EspoCRM Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2022-38845)

WordPress Plugin Bulk Creator Cross-Site Scripting (1.0.1)

WordPress Plugin WordPress Button Plugin MaxButtons Multiple Cross-Site Scripting Vulnerabilities (1.36)

Ruby on Rails CVE-2022-23633 Vulnerability (CVE-2022-23633)

Severity

Medium

Classification

CVE-2008-2771 CWE-264

Tags

Missing Update Known Vulnerabilities