Lucene search
K
Open Atrium ProjectOpen Atrium

4 matches found

CVE
CVE
added 2014/11/12 4:0 p.m.44 views

CVE-2014-8736

The Open Atrium Core module for Drupal (OA Core) in the 7.x-2.x line is affected by CVE-2014-8736, prior to 7.x-2.22. The vulnerability lets remote attackers bypass access controls and read file attachments that were removed from a node by leveraging a previous revision of that node. The risk is ...

5CVSS7AI score0.01209EPSS
CVE
CVE
added 2018/02/01 5:0 p.m.37 views

CVE-2014-9502

CVE-2014-9502 covers multiple CSRF vulnerabilities in the Open Atrium module for Drupal 7.x-2.x (pre-7.x-2.26). Affected: Open Atrium 7.x-2.x before 7.x-2.26; vulnerability exists in unspecified submodules and relates to menu callbacks, allowing remote attackers to hijack other users’ sessions. E...

8.8CVSS8.8AI score0.00951EPSS
CVE
CVE
added 2018/02/01 5:0 p.m.35 views

CVE-2014-9503

CVE-2014-9503 affects the Open Atrium 7.x-2.x Discussions sub module (pre-7.x-2.26). The vulnerability allows remote authenticated users with "access content" permissions to modify arbitrary nodes due to improper access checks on unspecified AJAX callbacks. Impact is limited to Drupal/Open Atrium...

6.5CVSS6.3AI score0.01427EPSS
CVE
CVE
added 2018/02/01 5:0 p.m.31 views

CVE-2014-9504

CVE-2014-9504 affects Drupal Open Atrium’s OG Subgroups module. When used with Open Atrium 7.x-2.x prior to 7.x-2.26, it allows a remote attacker to access child groups via vectors related to membership inheritance. Documents confirm the vulnerable configuration and the affected version range; no...

7.5CVSS7.4AI score0.01643EPSS