Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-7068

The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field.

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2013120...
MLIST: [oss-security] 2013121...
MISC: https://drupal.org/nod...
CONFIRM: https://drupal.org/nod...

Launchpad.net

CVE 2013-7068

Related bugs

References