Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2011-059 - Meta tags quick - Cross Site Scripting (XSS)

By Drupal Security Team on 14 Dec 2011 at 18:44 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-059
Project: Meta tags quick (third-party module)
Version: 7.x
Date: 2011-December-14
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-058 - Support Timer - Cross Site Scripting (XSS)

By Drupal Security Team on 30 Nov 2011 at 20:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-058
Project: Support Timer (third-party module)
Version: 6.x
Date: 2011-November-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-057 - Support Ticketing System - Cross Site Scripting (XSS)

By Drupal Security Team on 30 Nov 2011 at 20:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-057
Project: Support Ticketing System (third-party module)
Version: 6.x
Date: 2011-November-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-056 - Webform Validation Cross Site Scripting

By Drupal Security Team on 30 Nov 2011 at 20:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-056
Project: Webform Validation (third-party module)
Version: 6.x, 7.x
Date: 2011-November-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-055 - Webform CiviCRM Integration - Multiple vulnerabilities

By Drupal Security Team on 9 Nov 2011 at 22:16 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-055
Project: Webform CiviCRM Integration (third-party module)
Version: 6.x, 7.x
Date: 2011-November-09
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass, SQL Injection

SA-CONTRIB-2011-054 - CKEditor - Access bypass

By Drupal Security Team on 9 Nov 2011 at 21:33 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-054
Project: CKEditor - WYSIWYG HTML editor (third-party module)
Version: 7.x
Date: 2011-November-09
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2011-053 - Quiz - Cross Site Scripting

By Drupal Security Team on 9 Nov 2011 at 20:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-053
Project: Quiz (third-party module)
Version: 6.x
Date: 2011-November-09
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-052 - Views SQL Injection

By Drupal Security Team on 2 Nov 2011 at 22:00 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-052
Project: Views (third-party module)
Version: 6.x
Date: 2011-November-02
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: SQL Injection

SA-CONTRIB-2011-051 - Hotblocks module - multiple vulnerabilities

By Drupal Security Team on 2 Nov 2011 at 19:52 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-051
Project: HotBlocks (third-party module)
Version: 6.x
Date: 2011-November-02
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass, Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2011-050 - Organic groups - Access bypass

By Drupal Security Team on 26 Oct 2011 at 15:27 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-050
Project: Organic groups (third-party module)
Version: 7.x
Date: 2011-October-26
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

Pages

Subscribe with RSS