CVE-2008-0275

EUVD-2008-0286
The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node (1) titles, (2) teasers, and (3) bodies, which might allow remote attackers to gain access to syndicated content.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Affected Products (NVD)
VendorProductVersion
drupalatom_module
𝑥
≤ 4.7
drupalatom_module
𝑥
≤ 5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/208527
https://exchange.xforce.ibmcloud.com/vulnerabilities/39607
http://drupal.org/node/208527
https://exchange.xforce.ibmcloud.com/vulnerabilities/39607