Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-028 - Hierarchical Select - Cross Site Scripting (XSS)

By Drupal Security Team on 29 Feb 2012 at 17:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-028
Project: Hierarchical Select (third-party module)
Version: 6.x
Date: 2012-February-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-027 - Submenu Tree -Cross Site Scripting

By Drupal Security Team on 29 Feb 2012 at 14:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-027
Project: Submenu Tree (third-party module)
Version: 6.x
Date: 2012-February-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-026 - ZipCart - Access bypass

By Drupal Security Team on 29 Feb 2012 at 14:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-026
Project: ZipCart (third-party module)
Version: 6.x
Date: 2012-February-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-025 - Cool aid; Editable help messages - Multiple vulnerabilities

By Drupal Security Team on 29 Feb 2012 at 14:08 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-025
Project: Cool aid; Editable help messages (third-party module)
Version: 6.x
Date: 2012-February-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass, Cross Site Scripting

SA-CONTRIB-2012-024 - MediaFront - Cross Site Scripting

By Drupal Security Team on 29 Feb 2012 at 13:54 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-024
Project: MediaFront (third-party module)
Version: 6.x, 7.x
Date: 2012-February-29
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-023 - FAQ - Cross Site Scripting

By Drupal Security Team on 22 Feb 2012 at 22:56 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-023
Project: Frequently Asked Questions (third-party module)
Version: 6.x
Date: 2012-February-22
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-022 - CDN - Information disclosure

By Drupal Security Team on 15 Feb 2012 at 20:49 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-022
Project: CDN (third-party module)
Version: 6.x, 7.x
Date: 2012-February-15
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-021 - Organic Groups Vocab Access Bypass

By Drupal Security Team on 15 Feb 2012 at 20:22 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-021
Project: Organic Groups Vocabulary (third-party module)
Version: 6.x
Date: 2012-February-15
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-020 - Faster Permissions - Access bypass

By Drupal Security Team on 15 Feb 2012 at 20:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-020
Project: Faster Permissions (third-party module)
Version: 7.x
Date: 2012-February-15
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-019 - Link checker - Access bypass

By Drupal Security Team on 15 Feb 2012 at 17:11 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-019
Project: Link checker (third-party module)
Version: 6.x
Date: 2012-February-15
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

Pages

Subscribe with RSS