Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-067 - Linkit - Access bypass

By Drupal Security Team on 25 Apr 2012 at 19:29 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-067
Project: Linkit (third-party module)
Version: 7.x
Date: 2012-April-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-066 - Spaces and Spaces OG - Access Bypass

By Drupal Security Team on 25 Apr 2012 at 19:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-066
Project: Spaces (third-party module)
Version: 6.x
Date: 2012-April-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-065 - Sitedoc - Information disclosure

By Drupal Security Team on 25 Apr 2012 at 19:14 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-065
Project: Site Documentation (third-party module)
Version: 6.x
Date: 2012-April-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2012-064 - Ubercart - Multiple vulnerabilities

By Drupal Security Team on 25 Apr 2012 at 19:04 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-064
Project: Ubercart (third-party module)
Version: 6.x, 7.x
Date: 2012-April-25
Security risk: Moderately critical
Exploitable from: Varies (Local & Remote)
Vulnerability: Cross Site Scripting, Arbitrary PHP code execution, Multiple vulnerabilities

SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS)

By Drupal Security Team on 25 Apr 2012 at 18:52 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-063
Project: RealName (third-party module)
Version: 6.x
Date: 2012-April-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-062 - Creative Commons - Cross Site Scripting (XSS)

By Drupal Security Team on 25 Apr 2012 at 17:36 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-062
Project: Creative Commons (third-party module)
Version: 6.x
Date: 2012-April-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-061 - Gigya - Social optimization - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Apr 2012 at 21:16 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-061
Project: Gigya - Social optimization (third-party module)
Version: 6.x
Date: 2012-April-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-060 - Commerce Reorder - Cross Site Request Forgery

By Drupal Security Team on 18 Apr 2012 at 18:06 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-060
Project: Commerce Reorder (third-party module)
Version: 7.x
Date: 2012-April-18
Security risk: Not critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2012-059 - Autosave - Cross Site Request Forgery

By Drupal Security Team on 11 Apr 2012 at 19:27 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-059
Project: Autosave (third-party module)
Version: 6.x, 7.x
Date: 2012-April-11
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2012-058 - Fivestar - Input Validation

By Drupal Security Team on 11 Apr 2012 at 15:59 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-058
Project: Fivestar (third-party module)
Version: 6.x
Date: 2012-April-11
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Input Validation

Pages

Subscribe with RSS