CVE-2013-2629 Information

Description

Leed (Light Feed) possibly before 1.5 Stable allows remote attackers to bypass authorization via vectors related to the (1) importForm (2) importFeed (3) addFavorite or (4) removeFavorite actions in action.php.

Reference

http://seclists.org/bugtraq/2013/Dec/107 http://www.csnc.ch/misc/files/advisories/CSNC-2013-005-006-007_Leed_Multiple_vulns.txt