CVE-2012-3800

Name of the Vulnerable Software and Affected Versions Organic Groups (OG) module versions 6.x-2.x before 6.x-2.4

Description The issue is related to a cross-site scripting (XSS) vulnerability. It affects the og.js file in the Organic Groups (OG) module for Drupal when used in conjunction with the Vertical Tabs module. This vulnerability allows remote authenticated users to inject arbitrary web script or HTML, specifically through vectors related to the group title.

Recommendations For Organic Groups (OG) module versions 6.x-2.x before 6.x-2.4, update to version 6.x-2.4 or later to resolve the issue.