Security advisories for third-party projects that are not part of Drupal core - this includes all modules, themes, and installation profiles that have been contributed by a community member. These posts by the Drupal security team are also sent to the security announcements e-mail list.

SA-CONTRIB-2012-036 - Multiple Modules Unsupported

SA-CONTRIB-2012-035 - Webform Cross Site Scripting (XSS)

  • Advisory ID: DRUPAL-SA-CONTRIB-2012-035
  • Project: Webform (third-party module)
  • Version: 6.x, 7.x
  • Date: 2012-March-07
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-034 - Node Recommendation Cross Site Scripting (XSS)

  • Advisory ID: DRUPAL-SA-CONTRIB-2012-034
  • Project: Node Recommendation (third-party module)
  • Version: 6.x
  • Date: 2012-March-7
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-033 - Read More Link - Cross Site Scripting

  • Advisory ID: DRUPAL-SA-CONTRIB-2012-033
  • Project: Read More Link (third-party module)
  • Version: 6.x
  • Date: 2012-March-07
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-032 - Block Class - Cross Site scripting

  • Advisory ID: DRUPAL-SA-CONTRIB-2012-032
  • Project: Block Class (third-party module)
  • Version: 7.x
  • Date: 2012-March-07
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-031 - Multiple Modules Unsupported - UC PayDutchGroup - Information leakage and Multisite Search sql injection

SA-CONTRIB-2012-030 - Data - Cross Site Scripting (XSS)

  • Advisory ID: DRUPAL-SA-CONTRIB-2012-030
  • Project: Data (third-party module)
  • Version: 6.x
  • Date: 2012-March-07
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-029 - Taxonomy Views Integrator - Cross Site Scripting (XSS)

  • Advisory ID: DRUPAL-SA-CONTRIB-2012-029
  • Project: Taxonomy Views Integrator (third-party module)
  • Version: 6.x
  • Date: 2012-February-29
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-028 - Hierarchical Select - Cross Site Scripting (XSS)

  • Advisory ID: DRUPAL-SA-CONTRIB-2012-028
  • Project: Hierarchical Select (third-party module)
  • Version: 6.x
  • Date: 2012-February-29
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-027 - Submenu Tree -Cross Site Scripting

  • Advisory ID: DRUPAL-SA-CONTRIB-2012-027
  • Project: Submenu Tree (third-party module)
  • Version: 6.x
  • Date: 2012-February-29
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS Subscribe to Security advisories for contributed projects