3 matches found
CVE-2013-1908
The CVE-2013-1908 issue affects the Drupal Commons Wikis module (versions prior to 7.x-3.1) as used in the Commons distribution. The vulnerability is an access bypass/privilege-escalation flaw that allows anonymous users to post content into groups due to improper access restrictions. Impact is l...
CVE-2013-1907
The CVE-2013-1907 issue affects the Drupal Commons distribution’s Commons Groups module (versions prior to 7.x-3.1). The vulnerability arises from inadequate access control, allowing remote/anonymous users to post arbitrary content to groups via unspecified vectors, effectively an access bypass w...
CVE-2012-4483
CVE-2012-4483 affects the Drupal Commons module (6.x-2.x) before 6.x-2.8. The underling root cause is that the function commons_discussion_views_default_views does not properly enforce node access restrictions, potentially allowing remote attackers to view sensitive information via the recent com...