Unrated severityNVD Advisory· Published Jun 27, 2012· Updated Apr 29, 2026
CVE-2012-2721
CVE-2012-2721
Description
The default views in the Organic Groups (OG) module 6.x-2.x before 6.x-2.4 for Drupal do not properly check permissions when all users have the "access content" permission removed, which allows remote attackers to bypass access restrictions and possibly have other unspecified impact.
Affected products
8cpe:2.3:a:moshe_weitzman:organic_groups:6.x-2.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:moshe_weitzman:organic_groups:6.x-2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moshe_weitzman:organic_groups:6.x-2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:moshe_weitzman:organic_groups:6.x-2.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:moshe_weitzman:organic_groups:6.x-2.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:moshe_weitzman:organic_groups:6.x-2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moshe_weitzman:organic_groups:6.x-2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moshe_weitzman:organic_groups:6.x-2.3:*:*:*:*:*:*:*
- cpe:2.3:a:moshe_weitzman:organic_groups:6.x-2.x:dev:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- drupal.org/node/1619736nvdPatch
- drupal.org/node/1619810nvdPatchVendor Advisory
- drupalcode.org/project/og.git/commitdiff/1485708nvdExploitPatch
- secunia.com/advisories/49397nvdVendor Advisory
- www.openwall.com/lists/oss-security/2012/06/14/3nvd
- www.osvdb.org/82728nvd
- www.securityfocus.com/bid/53838nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/76150nvd
News mentions
0No linked articles in our index yet.