Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-086 - Amadou - Cross Site Scripting

By Drupal Security Team on 30 May 2012 at 17:44 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-086
Project: Amadou (third-party theme)
Version: 6.x
Date: 2012-May-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-085 - BrowserID - Multiple Vulnerabilities

By Drupal Security Team on 23 May 2012 at 17:56 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-085
Project: BrowserID (Mozilla Persona) (third-party module)
Version: 7.x
Date: 2012-May-23
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery (results in Privilege Escalation)

SA-CONTRIB-2012-084 - Search API - Cross Site Scripting (XSS)

By Drupal Security Team on 23 May 2012 at 17:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-084
Project: Search API (third-party module)
Version: 7.x
Date: 2012-May-23
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-083 - Taxonomy List - Cross Site Scripting (XSS)

By Drupal Security Team on 23 May 2012 at 16:08 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-083
Project: Taxonomy List (third-party module)
Version: 6.x
Date: 2012-May-23
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-082 - Zen - Cross Site Scripting

By Drupal Security Team on 16 May 2012 at 20:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-082
Project: Zen (third-party theme)
Version: 6.x
Date: 2012-May-16
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-081 - Aberdeen - Cross Site Scripting

By Drupal Security Team on 16 May 2012 at 20:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-081
Project: Aberdeen (third-party theme)
Version: 6.x
Date: 2012-May-16
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-080 - Hostmaster (Aegir) - Access Bypass and Cross Site Scripting (XSS)

By Drupal Security Team on 16 May 2012 at 16:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-080
Project: Hostmaster (Aegir) (third-party module)
Version: 6.x
Date: 2012-May-16
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2012-079 - Post Affiliate Pro - Cross Site Scripting (XSS) and Access Bypass - Unsupported

By Drupal Security Team on 16 May 2012 at 16:21 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-079
Project: Post Affiliate Pro (third-party module)
Version: 6.x
Date: 2012-May-16
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Access bypass

SA-CONTRIB-2012-078 - Smart Breadcrumb - Cross Site Scripting (XSS)

By Drupal Security Team on 16 May 2012 at 15:30 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-078
Project: Smart Breadcrumb (third-party module)
Version: 6.x
Date: 2012-May-16
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-077 - Advertisement - Cross Site Scripting & Information Disclosure

By Drupal Security Team on 16 May 2012 at 15:16 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-077
Project: Advertisement (third-party module)
Version: 6.x
Date: 2012-May-16
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Information Disclosure, Multiple vulnerabilities

Pages

Subscribe with RSS