The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with access content permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Drupal | Drupal | 5.0 (including) | 5.0 (including) |
| Drupal | Drupal | 6.0 (including) | 6.0 (including) |
| Node_hierarchy_module | Drupal | 5 (including) | 5 (including) |
| Node_hierarchy_module | Drupal | 6 (including) | 6 (including) |
References
- http://drupal.org/node/269473
- http://secunia.com/advisories/30622
- http://www.securityfocus.com/bid/29675
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43006
- http://drupal.org/node/269473
- http://secunia.com/advisories/30622
- http://www.securityfocus.com/bid/29675
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43006