CVE-2013-1907

Published: Jul 16, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content to groups via unspecified vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://packetstormsecurity.com/files/120991/Drupal-Common-Groups-7.x-Access-Bypass-Privilege-Escalation.html

x_refsource_MISC

20130327 [Security-news] SA-CONTRIB-2013-038 - Commons Groups - Access bypass & Privilege escalation

mailing-list

x_refsource_FULLDISC

52795

third-party-advisory

x_refsource_SECUNIA

https://drupal.org/node/1954764

x_refsource_MISC

52769

third-party-advisory

x_refsource_SECUNIA

https://drupal.org/node/1954948

x_refsource_CONFIRM

https://drupal.org/node/1954762

x_refsource_CONFIRM

91748

vdb-entry

x_refsource_OSVDB

drupal-commons-groups-security-bypass(83133)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-1907

Description

Affected Products

References