Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2014-069 - Logintoboggan - Access Bypass and Cross Site Scripting (XSS)

By Drupal Security Team on 9 Jul 2014 at 17:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-069
Project: LoginToboggan (third-party module)
Version: 7.x
Date: 2014-July-09
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Access bypass

SA-CONTRIB-2014-068 - Pane - XSS

By Drupal Security Team on 2 Jul 2014 at 20:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-068
Project: Pane (third-party module)
Version: 7.x
Date: 2014-July-02
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-067 - Meta Tags Quick - Multiple vulnerabilities

By Drupal Security Team on 2 Jul 2014 at 13:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-067
Project: Meta tags quick (third-party module)
Version: 7.x
Date: 2014-July-02
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Open Redirect

SA-CONTRIB-2014-066 - Node Access Keys - Access Bypass

By Drupal Security Team on 2 Jul 2014 at 13:32 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-066
Project: Node Access Keys (third-party module)
Version: 7.x
Date: 2014-July-02
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-065 - Custom Meta - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Jun 2014 at 14:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-065
Project: Custom Meta (third-party module)
Version: 6.x, 7.x
Date: 2014-June-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-064 -Course - Access bypass

By Drupal Security Team on 18 Jun 2014 at 14:04 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-064
Project: Course (third-party module)
Version: 6.x, 7.x
Date: 2014-June-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-063 - Easy Breadcrumb - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Jun 2014 at 13:07 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-063
Project: Easy Breadcrumb (third-party module)
Version: 7.x
Date: 2014-June-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-062 -Passsword Policy - Multiple vulnerabilities

By Drupal Security Team on 18 Jun 2014 at 12:58 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-062
Project: Password policy (third-party module)
Version: 6.x, 7.x
Date: 2014-June-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2014-061 - VideoWhisper Webcam Plugins - Cross Site Scripting (XSS) - Unsupported

By Drupal Security Team on 18 Jun 2014 at 12:54 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-061
Project: VideoWhisper Webcam Plugins (third-party module)
Version: 7.x
Date: 2014-June-18
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-060- Petitions - Cross Site Request Forgery (CSRF)

By Drupal Security Team on 11 Jun 2014 at 18:41 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-060
Project: - Petitions - (third-party distribution)
Version: 7.x
Date: 2014-June-11
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

Pages

Subscribe with RSS