Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2009-033 - Quiz - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-033
  • Project: Quiz (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-June-03
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-032 - Webform - Cross-site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-032
  • Project: Webform (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2009-June-03
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross-site scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-031 - Ajax Session - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-031
  • Project: Ajax Session (third-party module)
  • Version: 5.x
  • Date: 2009 May 27
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2009-030 - Email Verification - Information disclosure / Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-030
  • Project: Email Verification (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-May-20
  • Security risk: High
  • Exploitable from: Remote
  • Vulnerability: Information disclosure, Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-029 - Views Bulk Operations - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-029
  • Project: Views Bulk Operations (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-May-20
  • Security risk: Medium
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 5.x, Drupal 6.x

SA-CORE-2009-006 - Drupal core - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CORE-2009-006
  • Project: Drupal core
  • Version: 5.x, 6.x
  • Date: 2009-May-13
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-028 - Feed Block - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-028
  • Project: Feed Block (third-party module)
  • Version: 6.x
  • Date: 2009-May-13
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2009-027 - Printer, e-mail and PDF versions - Cross-site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-027
  • Project: Printer, e-mail and PDF versions (third-party module)
  • Versions: 5.x, 6.x
  • Date: 2009-May-13
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-026 - LoginToboggan - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-026
  • Project: LoginToboggan (third-party module)
  • Version: 6.x
  • Date: 2009-May-13
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-CORE-2009-005 - Drupal core - Cross site scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CORE-2009-005
  • Project: Drupal core
  • Version: 5.x, 6.x
  • Date: 2009-April-29
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross site scripting
Categories: Drupal 5.x, Drupal 6.x

Pages

Subscribe with RSS Subscribe to Security advisories