6.9 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
51.6%
The Discussions sub module in the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal allows remote authenticated users with “access content” permissions to modify arbitrary nodes by leveraging improper access checks on unspecified ajax callbacks.
www.openwall.com/lists/oss-security/2015/01/04/6
exchange.xforce.ibmcloud.com/vulnerabilities/99656
www.drupal.org/node/2394979
www.drupal.org/node/2395045