CVE-2008-4792 in Drupalinformazioni

Riassunto

di MITRE

The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 does not properly validate unspecified content fields of an internal Drupal form, which allows remote authenticated users to bypass intended access restrictions via modified field values.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

29/10/2008

Divulgazione

29/10/2008

Moderazione

accettato

Voce

VDB-44768

CPE

pronto

CWE

CWE-264 (confermato)

CVSS

6.0 (NVD)

EPSS

0.01282

KEV

Attività

molto basso

Settore

Lawfirm, Hostingprovider, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-4792
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-4792
CVE Details	https://www.cvedetails.com/cve/CVE-2008-4792/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!