Skip to main content

Organic Groups

6 CVEs product

Monthly

CVE-2013-7068 MEDIUM PATCH This Month

The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Privilege Escalation Organic Groups
NVD VulDB
CVSS 2.0
4.9
EPSS
0.2%
CVE-2013-7065 MEDIUM PATCH This Month

The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to bypass access restrictions and post to arbitrary groups via a group audience field, as demonstrated by the. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Privilege Escalation Organic Groups
NVD VulDB
CVSS 2.0
5.8
EPSS
0.2%
CVE-2012-5539 LOW PATCH Monitor

The Organic Groups (OG) module 7.x-1.x before 7.x-1.5 for Drupal does not properly maintain pending group memberships, which allows remote authenticated users to post to arbitrary groups by modifying. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Privilege Escalation Organic Groups
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2012-2081 MEDIUM PATCH This Month

The Organic Groups (OG) module 6.x-2.x before 6.x-2.3 for Drupal does not properly restrict access, which allows remote attackers to obtain sensitive information such as private group titles via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Organic Groups
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2012-3800 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in og.js in the Organic Groups (OG) module 6.x-2.x before 6.x-2.4 for Drupal, when used with the Vertical Tabs module, allows remote authenticated users to. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. Public exploit code available.

XSS Organic Groups
NVD
CVSS 2.0
2.1
EPSS
0.3%
CVE-2012-2721 MEDIUM POC PATCH This Month

The default views in the Organic Groups (OG) module 6.x-2.x before 6.x-2.4 for Drupal do not properly check permissions when all users have the "access content" permission removed, which allows. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Privilege Escalation Organic Groups
NVD
CVSS 2.0
6.8
EPSS
0.5%
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Privilege Escalation Organic Groups
NVD VulDB
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to bypass access restrictions and post to arbitrary groups via a group audience field, as demonstrated by the. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Privilege Escalation Organic Groups
NVD VulDB
EPSS 0% CVSS 3.5
LOW PATCH Monitor

The Organic Groups (OG) module 7.x-1.x before 7.x-1.5 for Drupal does not properly maintain pending group memberships, which allows remote authenticated users to post to arbitrary groups by modifying. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Privilege Escalation Organic Groups
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The Organic Groups (OG) module 6.x-2.x before 6.x-2.3 for Drupal does not properly restrict access, which allows remote attackers to obtain sensitive information such as private group titles via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Organic Groups
NVD
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in og.js in the Organic Groups (OG) module 6.x-2.x before 6.x-2.4 for Drupal, when used with the Vertical Tabs module, allows remote authenticated users to. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. Public exploit code available.

XSS Organic Groups
NVD
EPSS 1% CVSS 6.8
MEDIUM POC PATCH This Month

The default views in the Organic Groups (OG) module 6.x-2.x before 6.x-2.4 for Drupal do not properly check permissions when all users have the "access content" permission removed, which allows. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Privilege Escalation Organic Groups
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy