Access Bypass Vulnerability in EveryBlog Module for Drupal
CVE-2008-6137

Currently unrated

Key Information:

Vendor: Drupal
Status: Everyblog
Vendor: CVE Published:; 14 February 2009

Summary

The EveryBlog module for Drupal versions 5.x and 6.x contains a vulnerability that enables remote attackers to bypass established access controls, potentially leading to unauthorized access to sensitive content. The specific vectors for this bypass remain unspecified, raising concerns about the module's overall security integrity. It is crucial for Drupal administrators to monitor for any related activity and apply necessary updates or patches to mitigate potential risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45759

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/31656

vdb-entryx_refsource_BID

http://secunia.com/advisories/32194

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 14, 2009
Vulnerability Reserved
Feb 13, 2009