Vulnerabilities > Open Atrium Project

DATE	CVE	VULNERABILITY TITLE	RISK
2018-02-01	CVE-2014-9504	Improper Access Control vulnerability in Open Atrium Project Open Atrium The OG Subgroups module, when used with the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal, allows remote attackers to access child groups via vectors related to membership inheritance. network low complexity open-atrium-project CWE-284	7.5
2018-02-01	CVE-2014-9503	Permissions, Privileges, and Access Controls vulnerability in Open Atrium Project Open Atrium The Discussions sub module in the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal allows remote authenticated users with "access content" permissions to modify arbitrary nodes by leveraging improper access checks on unspecified ajax callbacks. network low complexity open-atrium-project CWE-264	6.5
2018-02-01	CVE-2014-9502	Cross-Site Request Forgery (CSRF) vulnerability in Open Atrium Project Open Atrium Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified sub modules in the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal allow remote attackers to hijack the authentication of unknown victims via vectors related to menu callbacks. network low complexity open-atrium-project CWE-352	8.8

Vulnerabilities > Open Atrium Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Open Atrium Project"}]}