Lucene search
Ubuntu.comUB:CVE-2013-7065HistoryApr 29, 2014 - 12:00 a.m.
CVE-2013-7065
2014-04-2900:00:00
ubuntu.com
ubuntu.com
11
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
67.8%
The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows
remote attackers to bypass access restrictions and post to arbitrary groups
via a group audience field, as demonstrated by the og_group_ref field.
Notes
| Author | Note |
|---|---|
| leosilva | “Drupal core is not affected. If you do not use the contributed Organic groups module, there is nothing you need to do.” “if you use the Organic Groups module for Drupal 7.x, upgrade to og 7.x-2.4” |
Related
prion
prion
Design/Logic Flaw
2014-04-29 14:38:00
nvd
nvd
CVE-2013-7065
2014-04-29 14:38:43
cve
cve
CVE-2013-7065
2014-04-29 14:38:43
cvelist
cvelist
CVE-2013-7065
2014-04-29 14:00:00
drupal
drupal
SA-CONTRIB-2013-095 - Organic Groups - Access bypass
2013-11-20 00:00:00
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
67.8%
Related for UB:CVE-2013-7065