Unrated severityNVD Advisory· Published Jun 18, 2008· Updated Apr 23, 2026

CVE-2008-2771

Description

The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors.

Affected products

Drupal/Drupal2 versions
cpe:2.3:a:drupal:drupal:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:drupal:drupal:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:drupal:6.0:*:*:*:*:*:*:*
Drupal/Node Hierarchy Module2 versions
cpe:2.3:a:drupal:node_hierarchy_module:5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:drupal:node_hierarchy_module:5:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:node_hierarchy_module:6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

drupal.org/node/269473nvdPatch
secunia.com/advisories/30622nvdPatchVendor Advisory
www.securityfocus.com/bid/29675nvdPatch
exchange.xforce.ibmcloud.com/vulnerabilities/43006nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000