Commons
CVE-2013-1907
MEDIUM
Severity by source
AV:N/AC:L/Au:N/C:N/I:P/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:L/Au:N/C:N/I:P/A:N
Lifecycle Timeline
1DescriptionCVE.org
The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content to groups via unspecified vectors.
AnalysisAI
The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-264. The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content to groups via unspecified vectors. Affected products include: Acquia Commons, Acquia Commons Group. Version information: before 7..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
XWiki Commons are technical libraries common to several other top level XWiki projects. Rated critical severity (CVSS 9.
XWiki Commons are technical libraries common to several other top level XWiki projects. Rated critical severity (CVSS 9.
Xwiki commons is the common modules used by other XWiki top level projects. Rated medium severity (CVSS 5.4), this vulne
org.xwiki.commons:xwiki-commons-xml is a common module used by other XWiki top level projects. Rated medium severity (CV
The Commons Wikis module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly rest
The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_defa
Cross-site scripting (XSS) vulnerability in the Drupal Commons module 7.x-3.x before 7.x-3.9 for Drupal allows remote at
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today