Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-015 - Managesite - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-015
  • Project: Managesite (third-party module)
  • Version: 6.x
  • Date: 2012-January-25
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2012-014 - Drupal Commerce - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-014
  • Project: Drupal Commerce (third-party module)
  • Version: 7.x
  • Date: 2012-January-25
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 7.x

SA-CONTRIB-2012-013 - Search Autocomplete - SQL Injection

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-013
  • Project: Search Autocomplete (third-party module)
  • Version: 7.x
  • Date: 2012-January-25
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: SQL Injection
Categories: Drupal 7.x

SA-CONTRIB-2012-012 - Quicktabs - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-012
  • Project: Quick Tabs (third-party module)
  • Version: 6.x, 7.x
  • Date: 2012-January-18
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2012-011 - Panels - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-011
  • Project: Panels (third-party module)
  • Version: 6.x
  • Date: 2012-January-18
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2012-010 - stickynote - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-010
  • Project: stickynote (third-party module)
  • Version: 7.x
  • Date: 2012-January-17
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting, Cross Site Request Forgery
Categories: Drupal 7.x

SA-CONTRIB-2012-009 - Revisioning - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-009
  • Project: Revisioning (third-party module)
  • Version: 7.x
  • Date: 2012-January-18
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 7.x

Hash DOS attack prevention with Suhosin needs a .htaccess edit - PSA-2012-001

Date: 
2012-January-11
  • Advisory ID: DRUPAL-PSA-2012-001
  • Project: Drupal core
  • Version: 6.x, 7.x
  • Date: 2012-01-11
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Denial of Service

SA-CONTRIB-2012-008 - Video Filter - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-008
  • Project: Video Filter (third-party module)
  • Version: 6.x, 7.x
  • Date: 2012-JANUARY-11
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2012-007 - Password Policy - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-007
  • Project: Password policy (third-party module)
  • Version: 6.x
  • Date: 2012-January-11
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting, Cross Site Request Forgery
Categories: Drupal 6.x

Pages

Subscribe with RSS Subscribe to Security advisories