Feeds
1 CVEs
product
Monthly
The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a field is mapped to the node's author, does not properly check permissions, which allows remote attackers to create arbitrary nodes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
Privilege Escalation
Feeds
NVD
CVSS 2.0
4.3
EPSS
0.2%
EPSS 0%
CVSS 4.3
MEDIUM
PATCH
This Month
The Feeds module 7.x-2.x before 7.x-2.0-alpha6 for Drupal, when a field is mapped to the node's author, does not properly check permissions, which allows remote attackers to create arbitrary nodes. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
Privilege Escalation
Feeds
NVD