2 matches found
CVE-2012-5543
The CVE-2012-5543 issue affects the Drupal Feeds module (7.x-2.x) prior to 7.x-2.0-alpha6. The root cause is improper permission checks when a field is mapped to the node author, enabling remote attackers to create arbitrary nodes via a crafted source feed. Affected software is the Feeds module f...
SA-CONTRIB-2012-152 - Feeds - Access bypass
The feeds module enables you to import or aggregate data as nodes, users, taxonomy terms or simple database records. The module doesn't sufficiently check permissions when creating nodes on behalf of a user. This vulnerability is mitigated by the fact that an attacker must have control over the...