Description

The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.

Remediation

References

CVE-2008-4791

Related Vulnerabilities

Atlassian Jira Other Vulnerability (CVE-2019-20101)

WordPress Plugin VRView Cross-Site Scripting (1.1.3)

WordPress 2.2.1 Multiple Vulnerabilities (2.2.1)

WordPress Other Vulnerability (CVE-2007-1599)

PHP CVE-2016-6174 Vulnerability (CVE-2016-6174)

Severity

Medium

Classification

CVE-2008-4791 CWE-264

Tags

Missing Update Known Vulnerabilities