Open Atrium@* Security Vulnerabilities and Issues — Open Atrium@* CVE List

Lucene search

Open Atrium ProjectOpen Atrium*

4 matches found

CVE•added 2014/11/12 4:55 p.m.•36 views

CVE-2014-8736

The Open Atrium Core module for Drupal before 7.x-2.22 allows remote attackers to bypass access restrictions and read file attachments that have been removed from a node by leveraging a previous revision of the node.

5CVSS7AI score0.00184EPSS

CVE•added 2018/02/01 5:29 p.m.•30 views

CVE-2014-9502

Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified sub modules in the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal allow remote attackers to hijack the authentication of unknown victims via vectors related to menu callbacks.

8.8CVSS8.8AI score0.00167EPSS

CVE•added 2018/02/01 5:29 p.m.•27 views

CVE-2014-9503

The Discussions sub module in the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal allows remote authenticated users with "access content" permissions to modify arbitrary nodes by leveraging improper access checks on unspecified ajax callbacks.

6.5CVSS6.3AI score0.00207EPSS

CVE•added 2018/02/01 5:29 p.m.•21 views

CVE-2014-9504

The OG Subgroups module, when used with the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal, allows remote attackers to access child groups via vectors related to membership inheritance.

7.5CVSS7.4AI score0.0027EPSS