Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-039: CCK TableField - Cross Site Scripting

By Drupal Security Team on 5 May 2010 at 22:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-039
Project: CCK TableField (third-party module)
Version: 6.x
Date: 2010-May-05
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-038 - Privatemsg - Access bypass

By Drupal Security Team on 28 Apr 2010 at 20:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-038
Project: Privatemsg (third-party module)
Version: 6.x
Date: 2010-April-28
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-037 - Decisions - Access bypass

By Drupal Security Team on 28 Apr 2010 at 18:32 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-037
Project: Decisions (third-party module)
Version: 5.x, 6.x
Date: 2010-April-28
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-036 - Views - multiple vulnerabilities

By pwolanin on 8 Apr 2010 at 00:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-036
Project: Views (third-party module)
Version: 5.x, 6.x
Date: 2010-April-7
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting (XSS), arbitrary code execution

SA-CONTRIB-2010-035: Smileys - Cross Site Request Forgery

By Drupal Security Team on 7 Apr 2010 at 22:04 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-035
Project: Smileys (third-party module)
Versions: 5.x
Date: 2010-April-07
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross-site Request Forgery

SA-CONTRIB-2010-034 - Internationalization - Cross Site Scripting

By Drupal Security Team on 7 Apr 2010 at 22:01 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-034
Project: Internationalization (third-party module)
Version: 6.x
Date: 2010-April-7
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-033 - Taxonomy Filter - Cross Site Scripting (XSS)

By Drupal Security Team on 31 Mar 2010 at 20:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-033
Project: Taxonomy Filter (third-party module)
Version: 6.x
Date: 2010-March-31
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-032 - Taxonomy Breadcrumb - Cross Site Scripting (XSS)

By Drupal Security Team on 31 Mar 2010 at 15:30 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-032
Project: Taxonomy Breadcrumb (third-party module)
Versions: 6.x-1.x, 5.x-1.x
Date: 2010-March-31
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-031 - Menu Block - Cross Site Scripting (XSS)

By Drupal Security Team on 24 Mar 2010 at 23:32 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-031
Project: Menu Block (third-party module)
Versions: 6.x-2.x, 5.x-2.x, 5.x-1.x
Date: 2010-March-24
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-030: Mime Mail - Arbitrary code execution

By Drupal Security Team on 24 Mar 2010 at 18:00 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-030
Project: Mime Mail (third-party module)
Version: 5.x
Date: 2010-March-24
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

Pages

Subscribe with RSS