Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-017 - iTweak Upload - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-017
  • Project: iTweak Upload (third-party module)
  • Version: 6.x
  • Date: 2010 February 17
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-016 - Graphviz Filter - arbitrary code execution

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-016
  • Project: Graphviz Filter (third-party module)
  • Version: 6.x, 5.x
  • Date: 2010 February 10
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary code execution
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-015 - Signwriter - Arbitrary code execution

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-015
  • Project: Signwriter (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-February-3
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary code execution
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-014 - Node Export - Arbitrary code execution

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-014
  • Project: Node Export (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-February-3
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary code execution
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-013 - Menu Breadcrumb - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-013
  • Project: Menu Breadcrumb (third-party module)
  • Version: 6.x
  • Date: 2010-February-03
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2010-012 - ODF Import - Access Bypass (possible Cross Site Scripting)

By greggles on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-012
  • Project: ODF Import (third-party module)
  • Version: 6.x-1.0
  • Date: 2010-February-3
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2010-011 - Feedback - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-011
  • Project: Feedback (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-January-27
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-010 - Author Contact - Cross site scripting

By coltrane on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-010
  • Project: Author Contact (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-January-27
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-009 - Block Class - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-009
  • Project: Block Class (third-party module)
  • Version: 6.x-1.2, 5.x-1.1
  • Date: 2010-January-20
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-008 - Recent Comments - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-008
  • Project: Recent Comments (third-party module)
  • Version: 6.x-1.0, 5.x-1.2
  • Date: 2010-January-20
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

Pages

Subscribe with RSS Subscribe to Security advisories