Vulnerabilities > Dave Reid > Commentrss > 6.x.2.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-10-06 | CVE-2009-3568 | Permissions, Privileges, and Access Controls vulnerability in multiple products Comment RSS 5.x before 5.x-2.2 and 6.x before 6.x-2.2, a module for Drupal, does not properly enforce permissions when a link is added to the RSS feed, which allows remote attackers to obtain the node title and possibly other sensitive content by reading the feed. | 5.0 |