5
CVE-2009-3568
- EPSS 0.45%
- Veröffentlicht 06.10.2009 20:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginComment RSS 5.x before 5.x-2.2 and 6.x before 6.x-2.2, a module for Drupal, does not properly enforce permissions when a link is added to the RSS feed, which allows remote attackers to obtain the node title and possibly other sensitive content by reading the feed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dave Reid ≫ Commentrss Version5.x-2.1
Dave Reid ≫ Commentrss Version6.x-2.1
Gabor Hojtsy ≫ Commentrss Version5.x-1.0
Gabor Hojtsy ≫ Commentrss Version5.x-1.1
Gabor Hojtsy ≫ Commentrss Version5.x-1.2
Gabor Hojtsy ≫ Commentrss Version5.x-1.x Updatedev
Gabor Hojtsy ≫ Commentrss Version5.x-2.0
Gabor Hojtsy ≫ Commentrss Version5.x-2.x Updatedev
Gabor Hojtsy ≫ Commentrss Version6.x-1.0
Gabor Hojtsy ≫ Commentrss Version6.x-1.1
Gabor Hojtsy ≫ Commentrss Version6.x-1.2
Gabor Hojtsy ≫ Commentrss Version6.x-2.0
Gabor Hojtsy ≫ Commentrss Version6.x-2.x Updatedev
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.45% | 0.628 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|