The OG Features module 6.x-1.x before 6.x-1.4 for Drupal does not properly override pages that have an access callback set to false, which allows remote attackers to bypass intended access restrictions via a request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Og_features | Mike_stefanello | 6.x-1.0 | 6.x-1.0 |
Og_features | Mike_stefanello | 6.x-1.0 | 6.x-1.0 |
Og_features | Mike_stefanello | 6.x-1.0 | 6.x-1.0 |
Og_features | Mike_stefanello | 6.x-1.0 | 6.x-1.0 |
Og_features | Mike_stefanello | 6.x-1.0 | 6.x-1.0 |
Og_features | Mike_stefanello | 6.x-1.1 | 6.x-1.1 |
Og_features | Mike_stefanello | 6.x-1.2 | 6.x-1.2 |
Og_features | Mike_stefanello | 6.x-1.3 | 6.x-1.3 |
Og_features | Mike_stefanello | 6.x-1.x | 6.x-1.x |