CVE-2008-0701

Severity CVSS v4.0:
Pending analysis
Type:
CWE-264 Permissions, Privileges, and Access Control
Publication date:
12/02/2008
Last modified:
09/04/2025

Description

ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, which allows remote attackers to have an unknown impact via activation of a new item, possibly involving addition of arbitrary new content.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:magnolia:ce:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:magnolia:ce:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:magnolia:ce:3.5.3:*:*:*:*:*:*:*