Organic Groups Security Vulnerabilities and Issues — Organic Groups CVE List

Lucene search

Organic Groups ProjectOrganic Groups

5 matches found

CVE•added 2020/02/18 7:15 p.m.•80 views

CVE-2013-4228

The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to guess node IDs, subscribe to, and read the content of arbitrary private groups via ...

4.3CVSS4.4AI score0.00234EPSS

CVE•added 2014/04/29 2:38 p.m.•34 views

CVE-2013-7065

The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to bypass access restrictions and post to arbitrary groups via a group audience field, as demonstrated by the og_group_ref field.

5.8CVSS7AI score0.00227EPSS

CVE•added 2012/12/03 9:55 p.m.•32 views

CVE-2012-5539

The Organic Groups (OG) module 7.x-1.x before 7.x-1.5 for Drupal does not properly maintain pending group memberships, which allows remote authenticated users to post to arbitrary groups by modifying their own account while a pending membership is waiting to be approved.

3.5CVSS6.6AI score0.00193EPSS

CVE•added 2008/07/09 7:33 p.m.•30 views

CVE-2008-3094

The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, allows remote attackers to obtain sensitive information (private group names) via unspecified vectors.

4.3CVSS6.3AI score0.00551EPSS

CVE•added 2014/04/29 2:38 p.m.•29 views

CVE-2013-7068

The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field.

4.9CVSS6.5AI score0.00193EPSS