4.9

CVE-2013-7068

The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Organic Groups ProjectOrganic Groups Version7.x-2.0 Update- SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updatealpha1 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updatealpha2 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updatealpha3 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updatebeta1 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updatebeta2 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updatebeta3 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updatebeta4 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updaterc1 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updaterc2 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updaterc3 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.0 Updaterc4 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.1 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.2 SwPlatformdrupal
Organic Groups ProjectOrganic Groups Version7.x-2.x Updatedev SwPlatformdrupal
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.383
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.9 6.8 4.9
AV:N/AC:M/Au:S/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://drupal.org/node/2140217
Patch
Vendor Advisory