Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2011-049 - Cumulus - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Oct 2011 at 16:08 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-049
Project: Cumulus (third-party module)
Version: 5.x, 6.x
Date: 2011-October-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting (XSS)

SA-CONTRIB-2011-048 - Certificate Login SQL Injection

By Drupal Security Team on 12 Oct 2011 at 16:04 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-048
Project: Certificate Login (third-party module)
Version: 5.x, 6.x
Date: 2011-October-12
Security risk: Critical
Exploitable from: Remote
Vulnerability: SQL Injection

SA-CONTRIB-2011-047 - OG Features access bypass

By Drupal Security Team on 5 Oct 2011 at 19:12 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-047
Project: OG Features (third-party module)
Version: 6.x
Date: 2011-October-05
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2011-046 - Echo - Multiple Vulnerabilities

By Drupal Security Team on 5 Oct 2011 at 18:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-046
Project: Echo (third-party module)
Version: 6.x, 7.x, 8.x
Date: 2011-October-05
Security risk: Critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2011-045 - Rate module Cross Site Scripting

By Drupal Security Team on 5 Oct 2011 at 17:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-045
Project: Rate (third-party module)
Version: 6.x, 7.x
Date: 2011-October-05
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting (XSS)

SA-CONTRIB-2011-044 - Homebox for Organic Groups Cross Site Scripting

By Drupal Security Team on 5 Oct 2011 at 17:42 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-044
Project: Homebox (third-party module)
Version: 6.x, 7.x
Date: 2011-October-05
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting (XSS)

SA-CONTRIB-2011-043 - Petition Node - Cross Site Scripting

By Drupal Security Team on 5 Oct 2011 at 13:55 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-043
Project: petition_node (third-party module)
Version: 6.x
Date: 2011-October-05
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-042 Views Bulk Operations - Cross Site Scripting

By Drupal Security Team on 21 Sep 2011 at 21:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-042
Project: Views Bulk Operations (VBO) (third-party module)
Version: 6.x
Date: 2011-September-21
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-041 - Hostmaster (Aegir) - Cross Site Scripting

By Drupal Security Team on 21 Sep 2011 at 16:43 UTC

Advisory ID: SA-CONTRIB-2011-041
Project: Hostmaster (Aegir) (third-party module)
Version: 6.x
Date: 2011-September-21
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-040 Author Pane access bypass

By Drupal Security Team on 7 Sep 2011 at 14:32 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-040
Project: Author Pane (third-party module)
Version: 6.x
Date: 2011-September-7
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

Pages

Subscribe with RSS