Access Control Flaw in Talk Module for Drupal
CVE-2008-4153

Currently unrated

Key Information:

Vendor

Drupal
Status
Talk
Vendor
CVE Published:
24 September 2008

What is CVE-2008-4153?

The Talk module for Drupal prior to versions 5.x-1.3 and 6.x-1.5 contains a security flaw that fails to adequately perform access checks on nodes before showing comments. This oversight allows remote attackers to potentially access sensitive information that should be restricted, thereby compromising data integrity and user privacy.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/31908
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/45223
vdb-entryx_refsource_XF
http://www.vupen.com/english/advisories/2008/2615
vdb-entryx_refsource_VUPEN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.