The Organic Groups (OG) module 6.x-2.x prior to 6.x-2.3 for Drupal does not properly restrict access, which allows remote malicious users to obtain sensitive information such as private group titles via a request through the Views module.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moshe_weitzman organic_groups 6.x-2.x |
||
moshe_weitzman organic_groups 6.x-2.2 |
||
moshe_weitzman organic_groups 6.x-2.0 |
||
moshe_weitzman organic_groups 6.x-2.1 |