CVE-2009-3568

Name of the Vulnerable Software and Affected Versions Comment RSS versions 5.x before 5.x-2.2 Comment RSS versions 6.x before 6.x-2.2

Description The issue allows remote attackers to obtain sensitive content, such as the node title, by reading the RSS feed due to improper permission enforcement when a link is added.

Recommendations For Comment RSS versions 5.x before 5.x-2.2, update to version 5.x-2.2 or later. For Comment RSS versions 6.x before 6.x-2.2, update to version 6.x-2.2 or later.