7.2 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
72.5%
The OG Features module 6.x-1.x before 6.x-1.4 for Drupal does not properly override pages that have an access callback set to false, which allows remote attackers to bypass intended access restrictions via a request.
osvdb.org/100611
www.securityfocus.com/bid/64134
drupal.org/node/2149743
drupal.org/node/2149791
exchange.xforce.ibmcloud.com/vulnerabilities/89458