Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-037 - Slidebox - access bypass

By Drupal Security Team on 14 Mar 2012 at 16:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-037
Project: Slidebox (third-party module)
Version: 7.x
Date: 2012-March-14
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-036 - Multiple Modules Unsupported

By Drupal Security Team on 14 Mar 2012 at 13:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-036
Projects: Content Lock, Ubercart Bulk Stock Updater, Ubercart Payflow Link, ticketyboo News Ticker, Admin tools, Redirecting click bouncer (third-party modules)
Version: 6.x
Version: 7.x
Date: 2012-March-14
Security risk: Critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2012-035 - Webform Cross Site Scripting (XSS)

By Drupal Security Team on 7 Mar 2012 at 20:12 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-035
Project: Webform (third-party module)
Version: 6.x, 7.x
Date: 2012-March-07
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-034 - Node Recommendation Cross Site Scripting (XSS)

By Drupal Security Team on 7 Mar 2012 at 16:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-034
Project: Node Recommendation (third-party module)
Version: 6.x
Date: 2012-March-7
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

localizations - Cross Site Scripting - PSA-2012-001

Date:

2012-March-07

Advisory ID: DRUPAL-PSA-2012-001
Version: 6.x, 7.x
Date: 2012-March-07
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-033 - Read More Link - Cross Site Scripting

By Drupal Security Team on 7 Mar 2012 at 15:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-033
Project: Read More Link (third-party module)
Version: 6.x
Date: 2012-March-07
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-032 - Block Class - Cross Site scripting

By Drupal Security Team on 7 Mar 2012 at 15:27 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-032
Project: Block Class (third-party module)
Version: 7.x
Date: 2012-March-07
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-031 - Multiple Modules Unsupported - UC PayDutchGroup - Information leakage and Multisite Search sql injection

By Drupal Security Team on 7 Mar 2012 at 15:20 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-031
Projects: UC PayDutchGroup / WeDeal payment, Multisite Search (third-party modules)
Version: 6.x
Date: 2012-March-7
Security risk: Critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2012-030 - Data - Cross Site Scripting (XSS)

By Drupal Security Team on 7 Mar 2012 at 15:07 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-030
Project: Data (third-party module)
Version: 6.x
Date: 2012-March-07
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-029 - Taxonomy Views Integrator - Cross Site Scripting (XSS)

By Drupal Security Team on 29 Feb 2012 at 20:31 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-029
Project: Taxonomy Views Integrator (third-party module)
Version: 6.x
Date: 2012-February-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS