CVE-2008-4793

critical

Description

The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45763

http://www.openwall.com/lists/oss-security/2008/10/21/7

http://secunia.com/advisories/32200

http://drupal.org/node/318706

Details

Source: Mitre, NVD

Published: 2008-10-29

Updated: 2017-08-08

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical