CVE-2008-4793

Description

The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules.

How to fix CVE-2008-4793

To remediate CVE-2008-4793, upgrade the affected package to a fixed version below.

• Packagist/drupal/drupal—upgrade to 5.11 or later

Is CVE-2008-4793 being exploited?

Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• >= 5.0, < 5.11

References (6)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2008-4793
• PATCHgithub.com/drupal/drupal
• WEBdrupal.org/node/318706
• WEBexchange.xforce.ibmcloud.com/vulnerabilities/45763
• WEB