Skip to main content
Skip to search
Can we use first and third party cookies and web beacons to
understand our audience, and to tailor promotions you see
?
Yes, please
No, do not track me
Drupal.org home
Discover Drupal
Drupal Core
Drupal CMS
Drupal AI
Case Studies
Drupal for Government
Drupal for Higher Education
Drupal for Nonprofit
Drupal for eCommerce
Drupal for FinTech
Drupal for Healthcare
Drupal for Enterprise
Drupal for Retail
Drupal for Travel & Tourism
Build with Drupal
Download Drupal
Documentation
Getting started
Local Development Guide
Developer Resources
Drupal CMS User Guide
Drupal User Guide
API
Modules
Themes
Recipes
Site Templates
Issue queues
Security Advisories
Partners & Services
Find a Drupal Certified Partner
Become a Drupal Certified Partner
Find a Hosting Provider
Find a Migration Partner
Find Training
Drupal Steward
Community
About the Community
How to Contribute
DrupalCon
Events
Jobs / Careers
News & Blogs
Forum
Slack
Newsletters
Drupal Swag Shop
Support Drupal
The Drupal Association
Donate
Become a Partner
Become a Ripple Maker
Become a Drupal Sustaining Member
Drupal Swag Shop
Get Started
Try Drupal CMS
Try Hosting
Return to content
Search form
Search
Log in
Create account
Security advisories
Show advisories for
only Drupal Core
,
only contributed projects
, or
only
PSAs
Workbench Moderation - Moderately Critical - Information Disclosure - SA-CONTRIB-2016-060
By
Drupal Security Team
on
2 Nov 2016 at 20:40 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2016-060
Project:
Workbench Moderation
(third-party module)
Version: 7.x
Date: 2016-November-02
Security risk:
11/25 (
Moderately Critical
) AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon
Vulnerability: Information Disclosure
D8 Editor File upload - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-059
By
Drupal Security Team
on
2 Nov 2016 at 19:38 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2016-059
Project:
D8 Editor File upload
(third-party module)
Version: 8.x
Date: 2016-November-02
Security risk:
12/25 (
Moderately Critical
) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Uncommon
Vulnerability:
Bootstrap - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-058
By
Drupal Security Team
on
2 Nov 2016 at 18:04 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2016-058
Project:
Bootstrap
(third-party theme)
Version: 7.x
Date: 2016-November-02
Security risk:
13/25 (
Moderately Critical
) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting
Profile 2 Registration Path - Critical - Cross Site Scripting (XSS) and Access Bypass DRUPAL-SA-CONTRIB-2015-057
By
Drupal Security Team
on
2 Nov 2016 at 17:47 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2015-057
Project:
Profile2 Registration Path
(third-party module)
Version: 7.x
Date: 2016-November-02
Security risk:
19/25 (
Critical
) AC:None/A:None/CI:Some/II:Some/E:Proof/TD:All
Vulnerability: Access bypass
Like/Dislike - Critical - Cross Site Request Forgery - SA-CONTRIB-2016-056
By
Drupal Security Team
on
2 Nov 2016 at 17:38 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2016-056
Project:
Like/Dislike
(third-party module)
Version: 8.x
Date: 2016-November-02
Security risk:
15/25 (
Moderately Critical
) AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Cross Site Request Forgery
Menu Views - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-055
By
Drupal Security Team
on
2 Nov 2016 at 17:21 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2016-055
Project:
Menu Views
(third-party module)
Version: 7.x
Date: 2016-November-02
Security risk:
12/25 (
Moderately Critical
) AC:Complex/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting
Tripal BLAST UI - Highly Critical - Remote Code Execution - SA-CONTRIB-2016-054
By
Drupal Security Team
on
26 Oct 2016 at 16:20 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2016-054
Project:
Tripal BLAST UI
(third-party module)
Version: 7.x
Date: 2016-October-26
Security risk:
20/25 (
Highly Critical
) AC:Basic/A:None/CI:All/II:All/E:Theoretical/TD:All
Vulnerability: Remote code execution
Webform - Less Critical - Access Bypass - SA-CONTRIB-2016-053
By
Drupal Security Team
on
19 Oct 2016 at 14:27 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2016-053
Project:
Webform
(third-party module)
Version: 7.x
Date: 2016-October-19
Security risk:
9/25 (
Less Critical
) AC:Basic/A:None/CI:None/II:None/E:Theoretical/TD:Default
Vulnerability: Access bypass
Elysia Cron - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-052
By
Drupal Security Team
on
12 Oct 2016 at 14:08 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2016-052
Project:
Elysia Cron
(third-party module)
Version: 7.x
Date: 2016-October-12
Security risk:
11/25 (
Moderately Critical
) AC:Complex/A:Admin/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting
Drupal file upload by anonymous or untrusted users into public file systems - PSA-2016-003
Date:
2016-October-10
Advisory ID: DRUPAL-PSA-2016-003
Project:
Drupal core
Version: 7.x, 8.x
Date: 2016-October-10
Security risk:
20/25 ( Critical) AC:None/A:None/CI:Some/II:Some/E:Exploit/TD:All
Pages
« first
‹ previous
…
80
81
82
83
84
85
86
87
88
…
next ›
last »
Subscribe with RSS
