Organic Groups Project: >> Organic Groups >> 7.x-2.x Security Vulnerabilities
The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to bypass access restrictions and post to arbitrary groups via a group audience field, as demonstrated by the og_group_ref field.
CVSS Score
5.8
EPSS Score
0.002
Published
2014-04-29
The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field.
CVSS Score
4.9
EPSS Score
0.002
Published
2014-04-29