CVE-2008-4790
Publication date 29 October 2008
Last updated 24 July 2024
Ubuntu priority
The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.