Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4791)
Description
The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.