CVE-2008-4792
N/A
N/A
Summary
The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 does not properly validate unspecified content fields of an internal Drupal form, which allows remote authenticated users to bypass intended access restrictions via modified field values.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://drupal.org/node/318706
- http://secunia.com/advisories/32201
- http://www.openwall.com/lists/oss-security/2008/10/21/7
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45761
References
- http://drupal.org/node/318706
- http://secunia.com/advisories/32201
- http://www.openwall.com/lists/oss-security/2008/10/21/7
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45761
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.