Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2014-025 - Open Omega - Access Bypass

By Drupal Security Team on 26 Feb 2014 at 17:23 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-025
Project: Open Omega (third-party theme)
Version: 7.x
Date: 2014-February-26
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-024 - Content Lock - CSRF

By Drupal Security Team on 26 Feb 2014 at 16:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-024
Project: Content locking (anti-concurrent editing) (third-party module)
Version: 6.x, 7.x
Date: 2014-February-26
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2014-023 - Project Issue File Review - XSS

By Drupal Security Team on 26 Feb 2014 at 16:10 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-023
Project: Project Issue File Review (third-party module)
Version: 6.x
Date: 2014-February-26
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-022 - Slickgrid - Access bypass

By Drupal Security Team on 19 Feb 2014 at 15:36 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-022
Project: Slickgrid (third-party module)
Version: 7.x
Date: 2014-February -22
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-021 - Maestro - Cross Site Scripting (XSS)

By Drupal Security Team on 19 Feb 2014 at 14:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-021
Project: Maestro (third-party module)
Version: 7.x
Date: 2014-February-19
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-020 - Drupal Commons - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Feb 2014 at 21:13 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-020
Project: Drupal Commons (third-party distribution)
Version: 7.x
Date: 2014-02-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-019 - Easy Social - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Feb 2014 at 19:58 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-019
Project: Easy Social (third-party module)
Version: 7.x
Date: 2014-February-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-018 - Webform - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Feb 2014 at 16:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-018
Project: Webform (third-party module)
Version: 6.x, 7.x
Date: 2014-February-12
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-017- Image Resize Filter - Denial of Service (DOS)

By Drupal Security Team on 12 Feb 2014 at 16:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-017
Project: Image Resize Filter (third-party module)
Version: 6.x, 7.x
Date: 2014-February-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Denial of Service (DOS)

SA-CONTRIB-2014-016 - Mayo Theme - XSS Vulnerability

By Drupal Security Team on 12 Feb 2014 at 16:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-016
Project: MAYO (third-party theme)
Version: 7.x
Date: 2014-02-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS