3 matches found
Code injection
The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node 1 titles, 2 teasers, and 3 bodies, which might allow remote attackers to gain access to syndicated content...
CVE-2008-0275
The CVE-2008-0275 issue affects the Atom 4.7 up to 4.7.x-1.0 and the 5.x line up to 5.x-1.0 Drupal module. It does not properly enforce permissions for node content fields (title, teaser, and body). The underlying permission checks flaw could allow remote attackers to access syndicated content th...
CVE-2008-0275
The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node 1 titles, 2 teasers, and 3 bodies, which might allow remote attackers to gain access to syndicated content...