Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2009-061 - Markdown Preview - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-061
  • Project: Markdown Preview (third-party module)
  • Version: 6.x
  • Date: 2009 September 23
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2009-060 - Meta tags (Nodewords) - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-060
  • Project: Meta tags / Nodewords (third-party module)
  • Version: 6.x
  • Date: 2009-September-23
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-CORE-2009-008 - Drupal core - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CORE-2009-008
  • Project: Drupal core
  • Version: 5.x, 6.x
  • Date: 2009-September-16
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-059 - OpenID - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-059
  • Project: OpenID (third-party module)
  • Version: 5.x
  • Date: 2009-September-16
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Impersonation, cross site request forgery
Categories: Drupal 5.x

SA-CONTRIB-2009-058 - Comment RSS - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-058
  • Project: Comment RSS (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-September-16
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-057 - Date - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-057
  • Project: Date (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-September-16
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-056 - Node2Node, Node Browser, Subdomain Manager, Quota by role, Rest API with vulnerabilities, now abandoned

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-056
  • Project: Node2Node, Node Browser, Subdomain Manager, Quota by role, Rest API (third-party modules)
  • Version: 5.x, 6.x
  • Date: 2009 Sept 9
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-055 - BUEditor - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-055
  • Project: BUEditor (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009 September 9
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-054 - Go - url redirects - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-054
  • Project: Go - url redirects (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2009 August 26
  • Security risk: Highly Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-053 - Ajax Table - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-053
  • Project: Ajax Table (third-party module)
  • Version: 5.x
  • Date: 2009-Aug-26
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 5.x

Pages

Subscribe with RSS Subscribe to Security advisories