Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2013-038 - Commons Groups - Access bypass & Privilege escalation

By Drupal Security Team on 27 Mar 2013 at 20:33 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-038
Project: Commons Groups (third-party module)
Version: 7.x
Date: 2013-March-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass, Multiple vulnerabilities

SA-CONTRIB-2013-037 - Rules - Cross Site Scripting (XSS)

By Drupal Security Team on 27 Mar 2013 at 17:46 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-037
Project: Rules (third-party module)
Version: 7.x
Date: 2013-March-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-036 - Zero Point - Cross Site Scripting (XSS)

By Drupal Security Team on 27 Mar 2013 at 17:44 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-036
Project: Zero Point (third-party module)
Version: 7.x
Date: 2013-March-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS)

By Drupal Security Team on 20 Mar 2013 at 20:20 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-035
Project: Views (third-party module)
Version: 7.x
Date: 2013-March-20
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-034 - Node Parameter Control - Access Bypass

By Drupal Security Team on 13 Mar 2013 at 21:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-034
Project: Node Parameter Control (third-party module)
Version: 6.x
Date: 2013-Mar-13
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2013-033 - Simple Corporate theme - Cross Site Scripting (XSS)

By Drupal Security Team on 27 Feb 2013 at 20:58 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-033
Project: Simple Corporate (third-party theme)
Version: 7.x
Date: 2013-February-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-032 - Company theme - Cross Site Scripting (XSS)

By Drupal Security Team on 27 Feb 2013 at 20:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-032
Project: Company theme (third-party theme)
Version: 7.x
Date: 2013-February-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-031 - Premium Responsive theme - Cross Site Scripting (XSS)

By Drupal Security Team on 27 Feb 2013 at 20:56 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-031
Project: Premium Responsive (third-party theme)
Version: 7.x
Date: 2013-February-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-030 - Clean Theme - Cross Site Scripting (XSS)

By Drupal Security Team on 27 Feb 2013 at 20:55 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-030
Project: Clean Theme (third-party theme)
Version: 7.x
Date: 2013-February-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-029 - Business theme - Cross Site Scripting (XSS)

By Drupal Security Team on 27 Feb 2013 at 20:53 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-029
Project: Business Theme (third-party theme)
Version: 7.x
Date: 2013-February-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS