RSS   Vulnerabilities for 'Feeds'   RSS

2012-12-03
 
CVE-2012-5543

CWE-264
 

 
The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a field is mapped to the node's author, does not properly check permissions, which allows remote attackers to create arbitrary nodes via a crafted source feed.

 


Copyright 2024, cxsecurity.com

 

Back to Top