Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2013-058 - MRBS - Abandoned - Mutliple vulnerabilities

By Drupal Security Team on 17 Jul 2013 at 15:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-058
Project: MRBS (third-party module)
Version: 6.x, 7.x
Date: 2013-July-17
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery, SQL Injection

SA-CONTRIB-2013-057 - TinyBox - Cross Site Scripting (XSS)

By Drupal Security Team on 10 Jul 2013 at 14:24 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-057
Project: TinyBox (Simple Splash) (third-party module)
Version: 7.x
Date: 2013-July-10
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-056 - Stage File Proxy - Denial of Service

By Drupal Security Team on 10 Jul 2013 at 14:16 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-056
Project: Stage File Proxy (third-party module)
Version: 7.x
Date: 2013-July-10th
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2013-055 - Hatch - Cross Site Scripting

By Drupal Security Team on 9 Jul 2013 at 21:21 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-055
Project: Hatch (third-party theme)
Version: 7.x
Date: 2013-July-10
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-054 - Fast Permissions Administration - Access Bypass

By Drupal Security Team on 26 Jun 2013 at 15:41 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-054
Project: Fast Permissions Administration (third-party module)
Version: 6.x, 7.x
Date: 2013-June-26
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2013-053 - Login Security - Multiple Vulnerabilities

By Drupal Security Team on 19 Jun 2013 at 17:54 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-053
Project: Login Security (third-party module)
Version: 6.x, 7.x
Date: 2013-June-19
Security risk: Critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2013-052 - Display Suite - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Jun 2013 at 15:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-052
Project: Display Suite (third-party module)
Version: 7.x
Date: 2013-June-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-051 - Services - Cross site request forgery (CSRF)

By Drupal Security Team on 5 Jun 2013 at 18:54 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-051
Project: Services (third-party module)
Version: 6.x, 7.x
Date: 2013-June-05
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2013-050 - Webform - Cross Site Scripting (XSS)

By Drupal Security Team on 29 May 2013 at 22:36 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-050
Project: Webform (third-party module)
Version: 6.x
Date: 2013-May-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-049 - Node access user reference - Access Bypass

By Drupal Security Team on 29 May 2013 at 15:22 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-049
Project: Node access user reference (third-party module)
Version: 6.x, 7.x
Date: 2013-May-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

Pages

Subscribe with RSS