Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-018 - Revisioning - Cross Site Scripting

By Drupal Security Team on 9 Feb 2012 at 00:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-018
Project: Revisioning (third-party module)
Version: 6.x
Date: 2012-FEB-08
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-017 - Finder - Multiple vulnerabilities

By Drupal Security Team on 8 Feb 2012 at 16:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-017
Project: Finder (third-party module)
Version: 6.x, 7.x
Date: 2012-February-08
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Arbitrary PHP code execution, Multiple vulnerabilities

SA-CONTRIB-2012-016 - Forward module CSRF and Access bypass

By Drupal Security Team on 1 Feb 2012 at 22:55 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-016
Project: Forward (third-party module)
Version: 6.x, 7.x
Date: 2012-February-01
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass, Cross Site Request Forgery

SA-CORE-2012-001 - Drupal core multiple vulnerabilities

By Drupal Security Team on 1 Feb 2012 at 22:06 UTC

Advisory ID: DRUPAL-SA-CORE-2012-001
Project: Drupal core
Version: 6.x, 7.x
Date: 2012-February-01
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass, Cross Site Request Forgery, Multiple vulnerabilities

SA-CONTRIB-2012-015 - Managesite - Cross Site Scripting (XSS)

By Drupal Security Team on 25 Jan 2012 at 21:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-015
Project: Managesite (third-party module)
Version: 6.x
Date: 2012-January-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-014 - Drupal Commerce - Cross Site Scripting (XSS)

By Drupal Security Team on 25 Jan 2012 at 19:14 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-014
Project: Drupal Commerce (third-party module)
Version: 7.x
Date: 2012-January-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-013 - Search Autocomplete - SQL Injection

By Drupal Security Team on 25 Jan 2012 at 16:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-013
Project: Search Autocomplete (third-party module)
Version: 7.x
Date: 2012-January-25
Security risk: Critical
Exploitable from: Remote
Vulnerability: SQL Injection

SA-CONTRIB-2012-012 - Quicktabs - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Jan 2012 at 20:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-012
Project: Quick Tabs (third-party module)
Version: 6.x, 7.x
Date: 2012-January-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-011 - Panels - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Jan 2012 at 19:56 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-011
Project: Panels (third-party module)
Version: 6.x
Date: 2012-January-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-010 - stickynote - Multiple vulnerabilities

By Drupal Security Team on 18 Jan 2012 at 19:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-010
Project: stickynote (third-party module)
Version: 7.x
Date: 2012-January-17
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

Pages

Subscribe with RSS