Access Control Bypass in Aggregation Module for Drupal
CVE-2008-3000

Currently unrated

Key Information:

Vendor: Drupal
Status: Aggregation Module
Vendor: CVE Published:; 3 July 2008

Summary

The Aggregation module for Drupal versions prior to 5.x-4.4 contains a security flaw that compromises access control when node access modules are in use. This vulnerability allows remote attackers to circumvent intended access restrictions, potentially exposing sensitive data and functionalities. Proper implementation of access controls is essential to prevent unauthorized interactions with the affected components.

References

http://drupal.org/node/269479

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/43017

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/29677

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jul 3, 2008
Vulnerability Reserved
Jul 3, 2008