CVE-2008-3000

Drupal Aggregation Module - Access Control

Title source: rule

Description

The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions.

References (4)

Scores

EPSS 0.0029
EPSS Percentile 51.7%

Classification

CWE
CWE-264
Status draft

Affected Products (8)

drupal/aggregation_module
drupal/aggregation_module
drupal/aggregation_module
drupal/aggregation_module
drupal/aggregation_module
drupal/aggregation_module
drupal/aggregation_module
drupal/aggregation_module

Timeline

Published Jul 03, 2008
Tracked Since Feb 18, 2026