What is the severity of CVE-2013-7065?

CVE-2013-7065 is rated as a moderate severity vulnerability that allows remote attackers to bypass access restrictions.

How do I fix CVE-2013-7065?

To fix CVE-2013-7065, update the Organic Groups module to version 7.x-2.3 or later.

What types of access are affected by CVE-2013-7065?

CVE-2013-7065 allows unauthorized posting to arbitrary groups via the group audience field.

Which Drupal versions are vulnerable to CVE-2013-7065?

Versions of the Organic Groups module prior to 7.x-2.3, including 7.x-2.0 and its alpha, beta, and release candidate versions, are vulnerable.

Who is impacted by CVE-2013-7065?

Organizations using affected versions of the Organic Groups module on their Drupal sites are at risk of exploitation due to this vulnerability.

Vulnerability/
CVE-2013-7065

medium

5.8

CWE

264

29/4/2014

6/8/2024

CVE-2013-7065

First published: Tue Apr 29 2014(Updated: )

The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to bypass access restrictions and post to arbitrary groups via a group audience field, as demonstrated by the og_group_ref field.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Organic Groups Project Organic Groups	=7.x-2.0
Organic Groups Project Organic Groups	=7.x-2.0-alpha1
Organic Groups Project Organic Groups	=7.x-2.0-alpha2
Organic Groups Project Organic Groups	=7.x-2.0-alpha3
Organic Groups Project Organic Groups	=7.x-2.0-beta1
Organic Groups Project Organic Groups	=7.x-2.0-beta2
Organic Groups Project Organic Groups	=7.x-2.0-beta3
Organic Groups Project Organic Groups	=7.x-2.0-beta4
Organic Groups Project Organic Groups	=7.x-2.0-rc1
Organic Groups Project Organic Groups	=7.x-2.0-rc2
Organic Groups Project Organic Groups	=7.x-2.0-rc3
Organic Groups Project Organic Groups	=7.x-2.0-rc4
Organic Groups Project Organic Groups	=7.x-2.1
Organic Groups Project Organic Groups	=7.x-2.2
Organic Groups Project Organic Groups	=7.x-2.x-dev

Remedy

https://drupal.org/node/2140209

Remedy

https://drupal.org/node/2140217

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-7065?
CVE-2013-7065 is rated as a moderate severity vulnerability that allows remote attackers to bypass access restrictions.
How do I fix CVE-2013-7065?
To fix CVE-2013-7065, update the Organic Groups module to version 7.x-2.3 or later.
What types of access are affected by CVE-2013-7065?
CVE-2013-7065 allows unauthorized posting to arbitrary groups via the group audience field.
Which Drupal versions are vulnerable to CVE-2013-7065?
Versions of the Organic Groups module prior to 7.x-2.3, including 7.x-2.0 and its alpha, beta, and release candidate versions, are vulnerable.
Who is impacted by CVE-2013-7065?
Organizations using affected versions of the Organic Groups module on their Drupal sites are at risk of exploitation due to this vulnerability.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
agent/remedy
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/severity
agent/last-modified-date
agent/tags
agent/description
agent/event
agent/first-publish-date
agent/source
vendor/organic groups project
canonical/organic groups project organic groups
version/organic groups project organic groups/7.x-2.0
version/organic groups project organic groups/7.x-2.0-alpha1
version/organic groups project organic groups/7.x-2.0-alpha2
version/organic groups project organic groups/7.x-2.0-alpha3
version/organic groups project organic groups/7.x-2.0-beta1
version/organic groups project organic groups/7.x-2.0-beta2
version/organic groups project organic groups/7.x-2.0-beta3
version/organic groups project organic groups/7.x-2.0-beta4
version/organic groups project organic groups/7.x-2.0-rc1
version/organic groups project organic groups/7.x-2.0-rc2
version/organic groups project organic groups/7.x-2.0-rc3
version/organic groups project organic groups/7.x-2.0-rc4
version/organic groups project organic groups/7.x-2.1
version/organic groups project organic groups/7.x-2.2
version/organic groups project organic groups/7.x-2.x-dev

Frequently Asked Questions

What is the severity of CVE-2013-7065?
CVE-2013-7065 is rated as a moderate severity vulnerability that allows remote attackers to bypass access restrictions.
How do I fix CVE-2013-7065?
To fix CVE-2013-7065, update the Organic Groups module to version 7.x-2.3 or later.
What types of access are affected by CVE-2013-7065?
CVE-2013-7065 allows unauthorized posting to arbitrary groups via the group audience field.
Which Drupal versions are vulnerable to CVE-2013-7065?
Versions of the Organic Groups module prior to 7.x-2.3, including 7.x-2.0 and its alpha, beta, and release candidate versions, are vulnerable.
Who is impacted by CVE-2013-7065?
Organizations using affected versions of the Organic Groups module on their Drupal sites are at risk of exploitation due to this vulnerability.

CVE-2013-7065

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-7065?

How do I fix CVE-2013-7065?

What types of access are affected by CVE-2013-7065?

Which Drupal versions are vulnerable to CVE-2013-7065?

Who is impacted by CVE-2013-7065?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2013-7065?

How do I fix CVE-2013-7065?

What types of access are affected by CVE-2013-7065?

Which Drupal versions are vulnerable to CVE-2013-7065?

Who is impacted by CVE-2013-7065?