CVE-2008-2771

The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors.

Published: Jun 19, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-2771
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
drupal / drupal	5.0	5.0.x
drupal / node_hierarchy_module	5	5.x
drupal / node_hierarchy_module	6	6.x
drupal / drupal	6.0	6.0.x

http://drupal.org/node/269473
http://secunia.com/advisories/30622
http://www.securityfocus.com/bid/29675
https://exchange.xforce.ibmcloud.com/vulnerabilities/43006

Vulnerability Database

289,697

CVE-2008-2771