Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2011-039 - Bot Alarm - Multiple vulnerabilities

By Drupal Security Team on 31 Aug 2011 at 17:53 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-039
Project: Bot Alarm (third-party module)
Version: 6.x
Date: 2011-August-31
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2011-038 - Taxonomy Views Integrator - Cross Site Scripting

By Drupal Security Team on 31 Aug 2011 at 13:21 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-038
Project: Taxonomy Views Integrator (third-party module)
Version: 6.x
Date: 2011-August-31
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-037- Node Invite - Cross Site Scripting

By Drupal Security Team on 31 Aug 2011 at 13:19 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-037
Project: Node Invite (third-party module)
Version: 6.x
Date: 2011-August-31
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-036 - Addresses - Cross Site Scripting

By Drupal Security Team on 17 Aug 2011 at 17:56 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-036
Project: Addresses (third-party module)
Version: 6.x
Date: 2011-August-17
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-035 Forward module - Open redirect

By Drupal Security Team on 17 Aug 2011 at 17:16 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-035
Project: Forward (third-party module)
Version: 6.x, 7.x
Date: 2011-August-17
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Open redirect

SA-CONTRIB-2011-034 - Display Suite - Cross Site Scripting

By Drupal Security Team on 3 Aug 2011 at 19:16 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-034
Project: Display suite (third-party module)
Version: 7.x
Date: 2011-August-03
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-033 - iWebkit - Cross Site Scripting

By Drupal Security Team on 3 Aug 2011 at 19:04 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-033
Project: iWebkit (third-party module)
Version: 6.x
Date: 2011-August-03
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-032 - Mail Logger - Cross Site Scripting

By Drupal Security Team on 3 Aug 2011 at 16:01 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-032
Project: Mail Logger (third-party module)
Version: 6.x
Date: 2011-August-03
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CORE-2011-003 - Drupal core - Access bypass

By Drupal Security Team on 27 Jul 2011 at 19:32 UTC

Advisory ID: DRUPAL-SA-CORE-2011-003
Project: Drupal core
Version: 7.x
Date: 2011-July-27
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2011-031 - SunMailer - Access bypass

By Drupal Security Team on 20 Jul 2011 at 20:18 UTC

Advisory ID: SA-CONTRIB-2011-031
Project: SunMailer Newsletter (third-party module)
Version: 6.x
Date: 2011-July-20
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

Pages

Subscribe with RSS