Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-126 - Hotblocks - Cross Site Scripting (XSS) and Denial of Service (DoS)

By Drupal Security Team on 15 Aug 2012 at 16:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-126
Project: HotBlocks (third-party module)
Version: 6.x
Date: 2012-August-15
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Multiple vulnerabilities

SA-CONTRIB-2012-125 - Chaos tool suite (ctools) - Local File Inclusion and Cross Site Scripting (XSS)

By Drupal Security Team on 8 Aug 2012 at 18:12 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-125
Project: Chaos tool suite (ctools) (third-party module)
Version: 6.x, 7.x
Date: 2012-August-8
Security risk: Critical
Exploitable from: Remote
Vulnerability: Local File Inclusion and Cross Site Scripting

SA-CONTRIB-2012-124 - Mime Mail - Access Bypass

By Drupal Security Team on 8 Aug 2012 at 17:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-124
Project: Mime Mail (third-party module)
Version: 6.x
Date: 2012-August-8
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-123 - Shibboleth authentication - Access Bypass

By Drupal Security Team on 8 Aug 2012 at 17:08 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-123
Project: Shibboleth authentication (third-party module)
Version: 6.x
Date: 2012-August-8
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-122 - Better Revisions - Cross Site Scripting (XSS)

By Drupal Security Team on 8 Aug 2012 at 16:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-122
Project: Better Revisions (third-party module)
Version: 7.x
Date: 2012-August-08
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-121 - Shorten URLs - Cross Site Scripting (XSS)

By Drupal Security Team on 8 Aug 2012 at 15:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-121
Project: Shorten URLs (third-party module)
Version: 6.x, 7.x
Date: 2012-August-8
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-120 - Monthly Archive by Node Type - Access Bypass (unsupported)

By Drupal Security Team on 1 Aug 2012 at 15:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-120
Project: Monthly Archive by Node Type (third-party module)
Version: 6.x
Date: 2012-August-1
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-119 - Excluded Users - Cross Site Scripting (XSS)

By Drupal Security Team on 1 Aug 2012 at 13:54 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-119
Project: Excluded Users (third-party module)
Version: 6.x
Date: 2012-August-1
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-118 - Secure Login - Open Redirect

By Drupal Security Team on 25 Jul 2012 at 19:52 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-118
Project: Secure Login (third-party module)
Version: 7.x
Date: 2012-July-25
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Open Redirect

SA-CONTRIB-2012-117 - Location - Access Bypass

By Drupal Security Team on 25 Jul 2012 at 19:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-117
Project: Location (third-party module)
Version: 6.x, 7.x
Date: 2012-July-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

Pages

Subscribe with RSS