CVE-2009-3568

CVE-2009-3568 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Comment RSS 5.x before 5.x-2.2 and 6.x before 6.x-2.2, a module for Drupal, does not properly enforce permissions when a link is added to the RSS feed, which allows remote attackers to obtain the node title and possibly other sensitive content by reading the feed.

Learn more about our Web Application Penetration Testing UK.