Open Atrium@7.x-2.0 Security Vulnerabilities and Issues — Open Atrium@7.x-2.0 CVE List

Lucene search

Open Atrium ProjectOpen Atrium7.x-2.0

3 matches found

CVE•added 2018/02/01 5:29 p.m.•30 views

CVE-2014-9502

Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified sub modules in the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal allow remote attackers to hijack the authentication of unknown victims via vectors related to menu callbacks.

8.8CVSS8.8AI score0.00167EPSS

CVE•added 2018/02/01 5:29 p.m.•27 views

CVE-2014-9503

The Discussions sub module in the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal allows remote authenticated users with "access content" permissions to modify arbitrary nodes by leveraging improper access checks on unspecified ajax callbacks.

6.5CVSS6.3AI score0.00207EPSS

CVE•added 2018/02/01 5:29 p.m.•21 views

CVE-2014-9504

The OG Subgroups module, when used with the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal, allows remote attackers to access child groups via vectors related to membership inheritance.

7.5CVSS7.4AI score0.0027EPSS