CVE-2013-7068

Name of the Vulnerable Software and Affected Versions Organic Groups (OG) module versions 7.x-2.x through 7.x-2.2

Description The issue allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field.

Recommendations For Organic Groups (OG) module versions 7.x-2.x through 7.x-2.2, update to version 7.x-2.3 or later to resolve the issue.