PT-2008-4513 · Drupal · Drupal Taxonomy Autotagger
Published
2008-07-09
·
Updated
2017-08-08
·
CVE-2008-3092
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Drupal Taxonomy Autotagger module versions 5.x before 5.x-1.8
Description:
The issue allows remote authenticated users with create or edit post permissions to execute arbitrary SQL commands.
Recommendations:
For versions 5.x before 5.x-1.8, update to version 5.x-1.8 or later to resolve the issue.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Drupal Taxonomy Autotagger