Authorization Bypass Vulnerability in Leed (Light Feed)

CVE-2013-2629 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to bypass authorization via vectors related to the (1) importForm, (2) importFeed, (3) addFavorite, or (4) removeFavorite actions in action.php.

Learn more about our Web Application Penetration Testing UK.