Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2013-064 - Persona - Cross site request forgery (CSRF)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-064
  • Project: Mozilla Persona (third-party module)
  • Version: 7.x
  • Date: 2013-August-07
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Request Forgery
Categories: Drupal 7.x

SA-CONTRIB-2013-063 - Authenticated User Page Caching (Authcache) - Information Disclosure

By Drupal Security Team on
Categories: Drupal 7.x

SA-CONTRIB-2013-062 - RESTful Web Services (RESTWS) - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-062
  • Project: RESTful Web Services (third-party module)
  • Version: 7.x
  • Date: 2013-August-07
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 7.x

SA-CONTRIB-2013-061 - Flippy - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-061
  • Project: Flippy (third-party module)
  • Version: 7.x
  • Date: 2013-July-31
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 7.x

SA-CONTRIB-2013-060 - Scald - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-060
  • Project: Scald (third-party module)
  • Version: 6.x, 7.x
  • Date: 2013-July-24
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2013-059 - Hostmaster (Aegir) - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-059
  • Project: Hostmaster (Aegir) (third-party module)
  • Version: 6.x
  • Date: 2013-July-17
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-CONTRIB-2013-058 - MRBS - Abandoned - Mutliple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-058
  • Project: MRBS (third-party module)
  • Version: 6.x, 7.x
  • Date: 2013-July-17
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Request Forgery, SQL Injection
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2013-057 - TinyBox - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-057
  • Project: TinyBox (Simple Splash) (third-party module)
  • Version: 7.x
  • Date: 2013-July-10
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 7.x

SA-CONTRIB-2013-056 - Stage File Proxy - Denial of Service

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-056
  • Project: Stage File Proxy (third-party module)
  • Version: 7.x
  • Date: 2013-July-10th
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 7.x

SA-CONTRIB-2013-055 - Hatch - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-055
  • Project: Hatch (third-party theme)
  • Version: 7.x
  • Date: 2013-July-10
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 7.x

Pages

Subscribe with RSS Subscribe to Security advisories