The Meta tags (aka Nodewords) module before 6.x-1.1 for Drupal does not properly follow permissions during assignment of node meta tags, which allows remote attackers to obtain sensitive information via unspecified vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/53452
http://www.securityfocus.com/bid/36506