Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-047 - Ubercart Views - Information disclosure

By Drupal Security Team on 28 Mar 2012 at 13:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-047
Project: Ubercart Views (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-046 - Bundle Copy - Arbitrary Code execution

By Drupal Security Team on 28 Mar 2012 at 13:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-046
Project: Bundle copy (third-party module)
Version: 7.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Arbitrary PHP code execution

SA-CONTRIB-2012-045 - AddToAny - Cross Site Scripting

By Drupal Security Team on 28 Mar 2012 at 13:27 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-045
Project: Share Buttons (AddToAny) by Lockerz (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-044 - Contact Forms - Cross Site Scripting

By Drupal Security Team on 28 Mar 2012 at 13:21 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-044
Project: Contact Forms (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-043 - MultiBlock - Cross Site Scripting

By Drupal Security Team on 28 Mar 2012 at 13:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-043
Project: MultiBlock (third-party module)
Version: 6.x, 7.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-042 - Wishlist Cross Site Scripting (XSS)

By Drupal Security Team on 21 Mar 2012 at 15:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-042
Project: Wishlist Module (third-party module)
Version: 6.x, 7.x
Date: 2012-March-21
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2012-041 - Fancy Slide - Cross Site Scripting (XSS)

By Drupal Security Team on 14 Mar 2012 at 21:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-041
Project: Fancy Slide (third-party module)
Version: 6.x
Date: 2012-March-14
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution

By Drupal Security Team on 14 Mar 2012 at 18:19 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-040
Project: CKEditor, FCKeditor - WYSIWYG HTML editor (third-party module)
Version: 6.x, 7.x
Date: 2012-March-14
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery, Arbitrary PHP code execution

SA-CONTRIB-2012-039 - Language Icons - Cross Site Scripting (XSS)

By Drupal Security Team on 14 Mar 2012 at 17:14 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-039
Project: Language icons (third-party module)
Version: 6.x, 7.x
Date: 2012-March-14
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-038 - Views Language Switcher Cross Site Scripting (XSS)

By Drupal Security Team on 14 Mar 2012 at 17:06 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-038
Project: Views Language Switcher (third-party module)
Version: 7.x
Date: 2012-March-14
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS