The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node (1) titles, (2) teasers, and (3) bodies, which might allow remote attackers to gain access to syndicated content.
Software | From | Fixed in |
---|---|---|
drupal / atom_module | - | 4.7.x |
drupal / atom_module | - | 5.0.x |