Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-005 - Own Term - Cross site scripting

By coltrane on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-005
  • Project: Own Term (third-party module)
  • Version: 6.x-1.0
  • Date: 2010-January-13
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2010-004 - Node block - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-004
  • Project: Node Block (third-party module)
  • Version: 6.13, 5.11
  • Date: 2010-January-13
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2010-003 - Forward - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-003
  • Project: Forward (third-party module)
  • Version: 6.x
  • Date: 2010-January-6
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple XSS vulnerabilities
Categories: Drupal 6.x

SA-CONTRIB-2010-002 - Currency Exchange - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-002
  • Project: Currency Exchange (third-party module)
  • Version: 6.x
  • Date: 2010-January-6
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2010-001 - Wunderbar - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-001
  • Project: Wunderbar! (third-party module)
  • Version: 6.x
  • Date: 2010-January-6
  • Security risk: Not Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2009-115 - Autocomplete Widgets for CCK Text and Number - Information Disclosure

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-115
  • Project: Autocomplete Widgets for CCK Text and Number (third-party module)
  • Version: 6.x
  • Date: 2009-December-30
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Information Disclosure
Categories: Drupal 6.x

SA-CONTRIB-2009-114 - Automated Logout - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-114
  • Project: Automated Logout (third-party module)
  • Version: 6.x
  • Date: 2009-December-23
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2009-113 - FAQ - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-113
  • Project: FAQ (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-December-23
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CORE-2009-009 - Drupal Core - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CORE-2009-009
  • Project: Drupal core
  • Version: 5.x, 6.x
  • Date: 2009-December-16
  • Security risk: Not critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-112 - Sections - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-112
  • Project: Sections (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-December-16
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

Pages

Subscribe with RSS Subscribe to Security advisories