2.1

CVE-2013-4498

The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly delete organic group group spaces content when using the option to move to a new group, which causes the content to be "orphaned" and allows remote authenticated users with the "access content" permission to obtain sensitive information via vectors involving a rebuild access for the site or content.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Florian WeberSpaces Version6.x-3.0
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.0 Updatealpha1
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.0 Updatealpha2
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.0 Updatebeta1
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.0 Updatebeta2
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.0 Updatebeta3
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.0 Updatebeta4
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.0 Updatebeta5
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.0 Updatebeta6
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.0 Updater1
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.0 Updater2
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.1
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.2
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.3
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.4
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.5
   DrupalDrupal Version-
Florian WeberSpaces Version6.x-3.6
   DrupalDrupal Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.2% 0.39
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:N/AC:H/Au:S/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://drupal.org/node/2118717
Patch
Vendor Advisory