The Organic Groups (OG) module 7.x-1.x before 7.x-1.5 for Drupal does not properly maintain pending group memberships, which allows remote authenticated users to post to arbitrary groups by modifying their own account while a pending membership is waiting to be approved.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Organic_groups | Organic_groups_project | 7.x-1.0 (including) | 7.x-1.0 (including) |
| Organic_groups | Organic_groups_project | 7.x-1.0-alpha1 (including) | 7.x-1.0-alpha1 (including) |
| Organic_groups | Organic_groups_project | 7.x-1.1 (including) | 7.x-1.1 (including) |
| Organic_groups | Organic_groups_project | 7.x-1.1-rc1 (including) | 7.x-1.1-rc1 (including) |
| Organic_groups | Organic_groups_project | 7.x-1.1-rc2 (including) | 7.x-1.1-rc2 (including) |
| Organic_groups | Organic_groups_project | 7.x-1.1-rc3 (including) | 7.x-1.1-rc3 (including) |
| Organic_groups | Organic_groups_project | 7.x-1.1-rc4 (including) | 7.x-1.1-rc4 (including) |
| Organic_groups | Organic_groups_project | 7.x-1.2 (including) | 7.x-1.2 (including) |
| Organic_groups | Organic_groups_project | 7.x-1.3 (including) | 7.x-1.3 (including) |
| Organic_groups | Organic_groups_project | 7.x-1.4 (including) | 7.x-1.4 (including) |
| Organic_groups | Organic_groups_project | 7.x-1.x-dev (including) | 7.x-1.x-dev (including) |