Gabor Hojtsy : Security Vulnerabilities, CVEs, CVSS score >= 2
Comment RSS 5.x before 5.x-2.2 and 6.x before 6.x-2.2, a module for Drupal, does not properly enforce permissions when a link is added to the RSS feed, which allows remote attackers to obtain the node title and possibly other sensitive content by reading the feed.
Max CVSS
5.0
EPSS Score
0.33%
Published
2009-10-06
Updated
2009-10-08
1 vulnerabilities found