Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2011-045 - Rate module Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2011-045
  • Project: Rate (third-party module)
  • Version: 6.x, 7.x
  • Date: 2011-October-05
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting (XSS)
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2011-044 - Homebox for Organic Groups Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2011-044
  • Project: Homebox (third-party module)
  • Version: 6.x, 7.x
  • Date: 2011-October-05
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting (XSS)
Categories: Drupal 6.x

SA-CONTRIB-2011-043 - Petition Node - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2011-043
  • Project: petition_node (third-party module)
  • Version: 6.x
  • Date: 2011-October-05
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2011-042 Views Bulk Operations - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2011-042
  • Project: Views Bulk Operations (VBO) (third-party module)
  • Version: 6.x
  • Date: 2011-September-21
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2011-041 - Hostmaster (Aegir) - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: SA-CONTRIB-2011-041
  • Project: Hostmaster (Aegir) (third-party module)
  • Version: 6.x
  • Date: 2011-September-21
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2011-040 Author Pane access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2011-040
  • Project: Author Pane (third-party module)
  • Version: 6.x
  • Date: 2011-September-7
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-CONTRIB-2011-039 - Bot Alarm - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2011-039
  • Project: Bot Alarm (third-party module)
  • Version: 6.x
  • Date: 2011-August-31
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting, Cross Site Request Forgery
Categories: Drupal 6.x

SA-CONTRIB-2011-038 - Taxonomy Views Integrator - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2011-038
  • Project: Taxonomy Views Integrator (third-party module)
  • Version: 6.x
  • Date: 2011-August-31
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2011-037- Node Invite - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2011-037
  • Project: Node Invite (third-party module)
  • Version: 6.x
  • Date: 2011-August-31
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2011-036 - Addresses - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2011-036
  • Project: Addresses (third-party module)
  • Version: 6.x
  • Date: 2011-August-17
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

Pages

Subscribe with RSS Subscribe to Security advisories