Description

The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors.

Remediation

References

CVE-2008-2771

Related Vulnerabilities

Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21696 )

WordPress Plugin Teamleader CRM Forms Cross-Site Scripting (2.0.0)

Drupal Cryptographic Issues Vulnerability (CVE-2013-6386)

WordPress Plugin Good LMS-Learning Management System SQL Injection (2.1.4)

WordPress Plugin Import and export users and customers CSV Injection (1.16.3.5)

Severity

Medium

Classification

CVE-2008-2771 CWE-264

Tags

Missing Update Known Vulnerabilities