Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-057 - Printer, email and PDF versions - Cross Site Scripting (XSS)

By Drupal Security Team on 4 Apr 2012 at 22:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-057
Project: Printer, email and PDF versions (third-party module)
Version: 6.x, 7.x
Date: 2012-April-04
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-056 - Janrain Engage - Sensitive Data Protection Vulnerability

By Drupal Security Team on 4 Apr 2012 at 17:58 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-056
Project: Janrain Engage (formerly RPX) (third-party module)
Version: 6.x, 7.x
Date: 2012-April-04
Security risk: Less critical
Exploitable from: Not exploitable
Vulnerability: Sensitive Data Protection Vulnerability

SA-CONTRIB-2012-055 - Fusion theme - Cross Site Scripting (XSS)

By Drupal Security Team on 28 Mar 2012 at 20:41 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-055
Project: Fusion (third-party theme)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-054 - Chaos tool suite - Cross Site Scripting (XSS)

By Drupal Security Team on 28 Mar 2012 at 20:01 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-054
Project: Chaos tool suite (ctools) (third-party module)
Version: 7.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-053 - Organic Groups - Access Bypass

By Drupal Security Team on 28 Mar 2012 at 19:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-053
Project: Organic groups (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-052 - Node Limit Number - Cross Site Request Forgery (CSRF)

By Drupal Security Team on 28 Mar 2012 at 16:55 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-052
Project: Node Limit Number (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2012-051 - Activity - Multiple Vulnerablities

By Drupal Security Team on 28 Mar 2012 at 15:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-051
Project: Activity (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2012-050 - CDN2 Video - Unsupported

By Drupal Security Team on 28 Mar 2012 at 14:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-050
Project: CDN2 Video (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2012-049 - ShareThis - Multiple Vulnerablies

By Drupal Security Team on 28 Mar 2012 at 13:59 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-049
Project: ShareThis (third-party module)
Version: 7.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2012-048 - Contact Save - Cross Site Scripting

By Drupal Security Team on 28 Mar 2012 at 13:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-048
Project: Contact Save (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS