6 matches found
EUVD-2015-4412
Malware in sbrugna...
Drupal Open Graph Importer Module Limit Bypass Vulnerability
Drupal is a free, open source content management system developed in PHP. open Graph Importer is a module that supports back-end administrators or other users to import content from other websites using open graph meta tags. A security vulnerability exists in the Drupal Open Graph Importer module...
Open redirect
The Open Graph Importer ogtagimporter 7.x-1.x for Drupal does not properly check the create permission for content types created during import, which allows remote authenticated users to bypass intended restrictions by leveraging the "import ogtagimporter" permission...
CVE-2015-4389
The Open Graph Importer ogtagimporter 7.x-1.x for Drupal does not properly check the create permission for content types created during import, which allows remote authenticated users to bypass intended restrictions by leveraging the "import ogtagimporter" permission...
CVE-2015-4389
The CVE concerns the Drupal contributed module Open Graph Importer (og_tag_importer) in the 7.x-1.x line. The root cause is improper enforcement of the create permission on destination content types during import, enabling remote authenticated users with the import_og_tag_importer permission to b...
Open Graph Importer - Moderately Critical - Access bypass - Unsupported - SA-CONTRIB-2015-092
This module enables you to import content from a web page by scraping its Open Graph data. The module doesn't sufficiently check for "create" permission to the content type that is configured as the destination for imported content, thus allowing a user with the "import ogtagimporter" permission ...