CVE-2008-3095

Name of the Vulnerable Software and Affected Versions: Organic Groups (OG) module versions 5.x before 5.x-7.3 Organic Groups (OG) module versions 6.x before 6.x-1.0-RC1

Description: A cross-site scripting (XSS) issue allows remote authenticated users with group owner permissions to inject arbitrary web script or HTML. This could potentially lead to unauthorized actions on the website.

Recommendations: For Organic Groups (OG) module versions 5.x before 5.x-7.3, update to version 5.x-7.3 or later. For Organic Groups (OG) module versions 6.x before 6.x-1.0-RC1, update to version 6.x-1.0-RC1 or later.