Security advisories for third-party projects that are not part of Drupal core - this includes all modules, themes, and installation profiles that have been contributed by a community member. These posts by the Drupal security team are also sent to the security announcements e-mail list.

SA-CONTRIB-2015-002 - Course - Cross Site Scripting (XSS)

SA-CONTRIB-2015-001 - OPAC - Cross-Site Request Forgery (CSRF)

SA-CONTRIB-2014-128 - Organic Groups Menu - Access bypass

SA-CONTRIB-2014-127 - School Administration - Cross Site Scripting (XSS)

SA-CONTRIB-2014-126 - Open Atrium - Multiple vulnerabilities

SA-CONTRIB-2014-125 - Organic Groups Menu - Access bypass

SA-CONTRIB-2014-124 - Poll Chart - Cross Site Scripting (XSS)

SA-CONTRIB-2014-123 - Postal Code - Cross Site Scripting (XSS)

SA-CONTRIB-2014-122 - MoIP - Cross Site Scripting (XSS)

SA-CONTRIB-2014-121 - Godwin's Law - Cross-Site Scripting (XSS)


Subscribe with RSS Subscribe to Security advisories for contributed projects