Description

Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly."

Remediation

References

CVE-2005-1871

Related Vulnerabilities

Jetty Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-28163)

WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Cross-Site Scripting (1.6.8)

Atlassian Jira CVE-2021-26075 Vulnerability (CVE-2021-26075)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-7983)

Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-12629)

Severity

High

Classification

CVE-2005-1871

Tags

Missing Update Known Vulnerabilities