3 matches found
Code injection
The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node 1 titles, 2 teasers, and 3 bodies, which might allow remote attackers to gain access to syndicated content...
CVE-2008-0275
The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node 1 titles, 2 teasers, and 3 bodies, which might allow remote attackers to gain access to syndicated content...
CVE-2008-0275
The CVE-2008-0275 issue affects the Atom 4.7 up to 4.7.x-1.0 and the 5.x line up to 5.x-1.0 Drupal module. It does not properly enforce permissions for node content fields (title, teaser, and body). The underlying permission checks flaw could allow remote attackers to access syndicated content th...