Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2011-030 - Devel - Cross Site Request Forgery

By Drupal Security Team on 20 Jul 2011 at 20:04 UTC

Advisory ID: SA-CONTRIB-2011-030
Project: Devel (third-party module)
Version: 6.x, 7.x
Date: 2011-July-20
Security risk: Not critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2011-029 - Taxonomy Filter - Cross Site Scripting

By Drupal Security Team on 20 Jul 2011 at 15:33 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-029
Project: Taxonomy Filter (third-party module)
Version: 6.x, 7.x
Date: 2011-July-20
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-028 - Simple Clean - Cross Site Scripting

By Drupal Security Team on 6 Jul 2011 at 19:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-028
Project: Simple Clean (third-party module)
Version: 7.x
Date: 2011-July-06
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-027 -Facebook Share - Cross Site Scripting (XSS)

By Drupal Security Team on 6 Jul 2011 at 14:29 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-027
Project: Facebook Share (third-party module)
Version: 6.x, 7.x
Date: 2011-July-06
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CORE-2011-002 - Drupal core - Access bypass

By Drupal Security Team on 30 Jun 2011 at 00:13 UTC

Advisory ID: DRUPAL-SA-CORE-2011-002
Project: Drupal core
Version: 7.x
Date: 2011-JUNE-29
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2011-026 - Secure Password Hashes (phpass) - Multiple Vulnerabilities

By pwolanin on 29 Jun 2011 at 16:55 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-026
Project: Secure Password Hashes (phpass) (third-party module)
Version: 5.x, 6.x
Date: 2011-June-29
Security risk: Critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2011-025 - Juitter & Download Count - Cross Site Scripting (XSS)

By Drupal Security Team on 22 Jun 2011 at 15:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-025
Project: Juitter - jQuery Twitter live search feeds and Download Count (third-party modules)
Version: 6.x
Date: 2011-June-22
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

External libraries and plugins - PSA-2011-002

Date:

2011-June-15

Advisory ID: PSA-2011-002
Date: 2011-June-15
Project: External libraries and plugins

SA-CONTRIB-2011-024 - Spam - Cross Site Request Forgery (CSFR)

By Drupal Security Team on 9 Jun 2011 at 02:01 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-024
Project: Spam (third-party module)
Version: 6.x
Date: 2011-June-08
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2011-023 - Prepopulate - Multiple vulnerabilities

By Drupal Security Team on 8 Jun 2011 at 22:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-023
Project: Prepopulate (third-party module)
Version: 6.x
Date: 2011-June-08
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Multiple

Pages

Subscribe with RSS