CVE-2012-2721
N/A
N/A
Summary
The default views in the Organic Groups (OG) module 6.x-2.x before 6.x-2.4 for Drupal do not properly check permissions when all users have the "access content" permission removed, which allows remote attackers to bypass access restrictions and possibly have other unspecified impact.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/53838
- http://drupal.org/node/1619736
- http://www.osvdb.org/82728
- http://www.openwall.com/lists/oss-security/2012/06/14/3
- http://drupalcode.org/project/og.git/commitdiff/1485708
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76150
- http://drupal.org/node/1619810
- http://secunia.com/advisories/49397
References
- http://www.securityfocus.com/bid/53838
- http://drupal.org/node/1619736
- http://www.osvdb.org/82728
- http://www.openwall.com/lists/oss-security/2012/06/14/3
- http://drupalcode.org/project/og.git/commitdiff/1485708
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76150
- http://drupal.org/node/1619810
- http://secunia.com/advisories/49397
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.