MidnightBSD

Advisories for florian_weber

CVE-2013-4498 LOW

The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly delete organic group group spaces content when using the option to move to a new group, which causes the content to be "orphaned" and allows remote authenticated users with the "access content" permission to obtain sensitive information via vectors involving a rebuild access for the site or content.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
florian_weber spaces 6.x-3.3
florian_weber spaces 6.x-3.5
florian_weber spaces 6.x-3.2
florian_weber spaces 6.x-3.4
florian_weber spaces 6.x-3.0
florian_weber spaces 6.x-3.6
florian_weber spaces 6.x-3.1