CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Organic Groups Project 1Organic Groups Nov 21, 2024 Feb 18, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to gues...Show more |
1Organic Groups Project 1Organic Groups May 6, 2026 Apr 29, 2014 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field. |
1Organic Groups Project 1Organic Groups May 6, 2026 Apr 29, 2014 N/A· v4 N/A· v3 5.8 MEDIUM· v2 The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to bypass access restrictions and post to arbitrary groups via a group audience field, as demonstrated by the og_group_ref field. |
The Organic Groups (OG) module 7.x-1.x before 7.x-1.5 for Drupal does not properly maintain pending group memberships, which allows remote authenticated users to post to arbitrary groups by modifying their own account wh...Show more |
1Organic Groups Project 1Organic Groups Apr 23, 2026 Jul 9, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, allows remote attackers to obtain sensitive information (private group names) via unspecified vectors. |