Vulnerabilities > Open Atrium Project > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-01 | CVE-2014-9504 | Improper Access Control vulnerability in Open Atrium Project Open Atrium The OG Subgroups module, when used with the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal, allows remote attackers to access child groups via vectors related to membership inheritance. | 7.5 |
| 2018-02-01 | CVE-2014-9502 | Cross-Site Request Forgery (CSRF) vulnerability in Open Atrium Project Open Atrium Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified sub modules in the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal allow remote attackers to hijack the authentication of unknown victims via vectors related to menu callbacks. | 8.8 |