The default views in the Organic Groups (OG) module 6.x-2.x prior to 6.x-2.4 for Drupal do not properly check permissions when all users have the "access content" permission removed, which allows remote malicious users to bypass access restrictions and possibly have other unspecified impact.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moshe_weitzman organic_groups 6.x-2.0 |
||
moshe_weitzman organic_groups 6.x-2.1 |
||
moshe_weitzman organic_groups 6.x-2.x |
||
moshe_weitzman organic_groups 6.x-2.2 |
||
moshe_weitzman organic_groups 6.x-2.3 |