CVE-2008-0275

Drupal Atom Module < 4.7 - Unauthenticated Unauthorized Access to Syndicated Content

Title source: llm
STIX 2.1

Description

The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node (1) titles, (2) teasers, and (3) bodies, which might allow remote attackers to gain access to syndicated content.

References (2)

Core 2
Core References
Various Sources x_refsource_confirm
http://drupal.org/node/208527
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39607

Scores

EPSS 0.0021
EPSS Percentile 42.9%

Details

CWE
CWE-264
Status published
Products (1)
drupal/atom_module < 4.7
Published Jan 15, 2008
Tracked Since Feb 18, 2026