SA-CONTRIB-2014-125 - Organic Groups Menu - Access bypass

This module enables you to associate menus with Organic Groups OG. It allows you to create one or more menus per group, configure and apply menu permissions in a group context, add/edit menu links directly from the entity form, etc. The module doesn't sufficiently check the menu parameters passed...

CVE-2014-8734

The CVE-2014-8734 vulnerability affects the Drupal OG Menu (OG Menu) module for Drupal 7.x, specifically versions prior to 7.x-2.2. Remote authenticated users with the treated permission “access administration pages” can alter module settings via unspecified vectors. The issue is tied to the OG M...

CVE-2014-8734

The Organic Groups Menu aka OG Menu module before 7.x-2.2 for Drupal allows remote authenticated users with the "access administration pages" permission to change module settings via unspecified vectors...

SA-CONTRIB-2014-105 - OG Menu - Access Bypass

OG Menu allows using menus within Organic Groups. The permissions for accessing the module settings were to broad, possibly granting access to users who would normally not be able to change the OG Menu configuration. This vulnerability is mitigated by the fact that an attacker must have a role wi...

Drupal OG Menu Module XSS Vulnerability

No description provided by source. OG Menu 6.x-2.0 XSS Vulnerability CVE-2010-1747 This disclosure has also been posted at http://madirish.net/?article=467 Description of Vulnerability: - ----------------------------- Drupal http://drupal.org is a robust content management system CMS written in P...

SA-CONTRIB-2010-073 - Multiple Vulnerabilities In Multiple Contributed Modules

Versions affected and proposed solutions Simple Gallery for Drupal 6.x This module creates a simple gallery using taxonomy and CCK imagefields. The module is vulnerable to a Cross Site Scripting XSS attack. This can be exploited by users with the ability to add taxonomy terms or tag content...