CVE-2008-0701

ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, which allows remote attackers to have an unknown impact via activation of a new item, possibly involving addition of arbitrary new content.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
VendorProductVersion
magnoliace
3.5.1
magnoliace
3.5.2
magnoliace
3.5.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://jira.magnolia.info/browse/MAGNOLIA-2021
http://secunia.com/advisories/28745
http://sourceforge.net/project/shownotes.php?release_id=573088
http://www.securityfocus.com/bid/27608
http://jira.magnolia.info/browse/MAGNOLIA-2021
http://secunia.com/advisories/28745
http://sourceforge.net/project/shownotes.php?release_id=573088
http://www.securityfocus.com/bid/27608