Feeds Project : Security Vulnerabilities, CVEs,
The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a field is mapped to the node's author, does not properly check permissions, which allows remote attackers to create arbitrary nodes via a crafted source feed.
Max CVSS
4.3
EPSS Score
0.17%
Published
2012-12-03
Updated
2012-12-04
1 vulnerabilities found