Show advisories for only Drupal core, only PSAs, or all security advisories

Security advisories for third-party projects that are not part of Drupal core - this includes all modules, themes, and installation profiles that have been contributed by community members.

SA-CONTRIB-2012-051 - Activity - Multiple Vulnerablities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-051
  • Project: Activity (third-party module)
  • Version: 6.x
  • Date: 2012-March-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting, Cross Site Request Forgery
Categories: Drupal 6.x

SA-CONTRIB-2012-050 - CDN2 Video - Unsupported

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-050
  • Project: CDN2 Video (third-party module)
  • Version: 6.x
  • Date: 2012-March-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 6.x

SA-CONTRIB-2012-049 - ShareThis - Multiple Vulnerablies

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-049
  • Project: ShareThis (third-party module)
  • Version: 7.x
  • Date: 2012-March-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting, Cross Site Request Forgery
Categories: Drupal 7.x

SA-CONTRIB-2012-048 - Contact Save - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-048
  • Project: Contact Save (third-party module)
  • Version: 6.x
  • Date: 2012-March-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2012-047 - Ubercart Views - Information disclosure

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-047
  • Project: Ubercart Views (third-party module)
  • Version: 6.x
  • Date: 2012-March-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-CONTRIB-2012-046 - Bundle Copy - Arbitrary Code execution

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-046
  • Project: Bundle copy (third-party module)
  • Version: 7.x
  • Date: 2012-March-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Arbitrary PHP code execution
Categories: Drupal 7.x

SA-CONTRIB-2012-045 - AddToAny - Cross Site Scripting

By Drupal Security Team on
Categories: Drupal 6.x

SA-CONTRIB-2012-044 - Contact Forms - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-044
  • Project: Contact Forms (third-party module)
  • Version: 6.x
  • Date: 2012-March-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2012-043 - MultiBlock - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-043
  • Project: MultiBlock (third-party module)
  • Version: 6.x, 7.x
  • Date: 2012-March-28
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2012-042 - Wishlist Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-042
  • Project: Wishlist Module (third-party module)
  • Version: 6.x, 7.x
  • Date: 2012-March-21
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting, Cross Site Request Forgery
Categories: Drupal 6.x, Drupal 7.x

Pages

Subscribe with RSS Subscribe to Security advisories for contributed projects