Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-5539
organic groups
og module
drupal
cve-2012-5539
security vulnerability
6.6 Medium
AI Score
Confidence
Low
3.5 Low
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
45.0%
The Organic Groups (OG) module 7.x-1.x before 7.x-1.5 for Drupal does not properly maintain pending group memberships, which allows remote authenticated users to post to arbitrary groups by modifying their own account while a pending membership is waiting to be approved.
Affected configurations
Node
organic_groups_projectorganic_groupsMatch7.x-1.0
ORorganic_groups_projectorganic_groupsMatch7.x-1.0alpha1
ORorganic_groups_projectorganic_groupsMatch7.x-1.1
ORorganic_groups_projectorganic_groupsMatch7.x-1.1rc1
ORorganic_groups_projectorganic_groupsMatch7.x-1.1rc2
ORorganic_groups_projectorganic_groupsMatch7.x-1.1rc3
ORorganic_groups_projectorganic_groupsMatch7.x-1.1rc4
ORorganic_groups_projectorganic_groupsMatch7.x-1.2
ORorganic_groups_projectorganic_groupsMatch7.x-1.3
ORorganic_groups_projectorganic_groupsMatch7.x-1.4
ORorganic_groups_projectorganic_groupsMatch7.x-1.xdev
drupaldrupalMatch-
Related
cvelist
cvelist
CVE-2012-5539
2022-10-03 16:15:32
nvd
nvd
CVE-2012-5539
2012-12-03 21:55:02
prion
prion
Design/Logic Flaw
2012-12-03 21:55:00
drupal
drupal
SA-CONTRIB-2012-148 - OG - Access Bypass
2012-09-26 00:00:00
6.6 Medium
AI Score
Confidence
Low
3.5 Low
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
45.0%
Related for CVE-2012-5539