Vulnerability Details CVE-2008-2771
The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://drupal.org/node/269473
- http://secunia.com/advisories/30622
- http://www.securityfocus.com/bid/29675
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43006
- http://drupal.org/node/269473
- http://secunia.com/advisories/30622
- http://www.securityfocus.com/bid/29675
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43006
Products affected by CVE-2008-2771
-
cpe:2.3:a:drupal:drupal:5.0
-
cpe:2.3:a:drupal:drupal:6.0
-
cpe:2.3:a:drupal:node_hierarchy_module:5
-
cpe:2.3:a:drupal:node_hierarchy_module:6