Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-106 - Listhandler - Access Bypass

By Drupal Security Team on 11 Jul 2012 at 14:31 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-106
Project: Listhandler (third-party module)
Version: 6.x
Date: 2012-July-11
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-105 - Hashcash - Cross Site Scripting (XSS)

By Drupal Security Team on 27 Jun 2012 at 20:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-105
Project: Hashcash (third-party module)
Version: 6.x, 7.x
Date: 2012-June-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-104 - Privatemsg - Cross Site Scripting (XSS)

By Drupal Security Team on 20 Jun 2012 at 17:20 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-104
Project: Privatemsg (third-party module)
Version: 7.x
Date: 2012-June-20
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-103 - Global Redirect - Open Redirect

By Drupal Security Team on 13 Jun 2012 at 20:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-103
Project: Global Redirect (third-party module)
Version: 6.x, 7.x
Date: 2012-June-13
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Open Redirect

SA-CONTRIB-2012-102 - Ubercart AJAX Cart - Potential Disclosure of user Session ID

By Drupal Security Team on 13 Jun 2012 at 20:41 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-102
Project: Ubercart AJAX Cart (third-party module)
Version: 6.x
Date: 2012-June-13
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2012-101 - Protected Node - Access Bypass

By Drupal Security Team on 13 Jun 2012 at 18:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-101
Project: Protected node (third-party module)
Version: 6.x
Date: 2012-June-13
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-100 - SimpleMeta - Cross Site Request Forgery (CSRF)

By Drupal Security Team on 13 Jun 2012 at 18:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-100
Project: SimpleMeta (third-party module)
Version: 6.x
Date: 2012-June-13
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2012-099 - Node Hierarchy - Cross Site Request Forgery (CSRF)

By Drupal Security Team on 13 Jun 2012 at 18:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-099
Project: Node Hierarchy (third-party module)
Version: 6.x
Date: 2012-June-13
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2012-098 - Janrain Capture - Open Redirect

By Drupal Security Team on 13 Jun 2012 at 18:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-098
Project: Janrain Capture (third-party module)
Version: 6.x, 7.x
Date: 2012-June-13
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Open Redirect

SA-CONTRIB-2012-097 - Protest - Cross Site Scripting (XSS)

By Drupal Security Team on 6 Jun 2012 at 20:02 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-097
Project: Protest (third-party module)
Version: 6.x, 7.x
Date: 2012-June-06
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS