VYPR

OG

by Drupal

CVEs (2)

  • CVE-2012-3800Jun 27, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in og.js in the Organic Groups (OG) module 6.x-2.x before 6.x-2.4 for Drupal, when used with the Vertical Tabs module, allows remote authenticated users to inject arbitrary web script or HTML via vectors related the group title.

  • CVE-2012-2721Jun 27, 2012
    risk 0.00cvss epss 0.03

    The default views in the Organic Groups (OG) module 6.x-2.x before 6.x-2.4 for Drupal do not properly check permissions when all users have the "access content" permission removed, which allows remote attackers to bypass access restrictions and possibly have other unspecified…