Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2009-086 - OpenSocial Shindig-Integrator - Cross Site Scripting

By Drupal Security Team on 28 Oct 2009 at 21:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-086
Project: OpenSocial Shindig-Integrator (third-party module)
Version: 6.x, 5.x
Date: 2009-October-86
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-085 - Insert Node - Cross Site Scripting

By Drupal Security Team on 28 Oct 2009 at 21:06 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-085
Project: Insert Node (third-party module)
Version: 5.x
Date: 2009-October-28
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-084 - LDAP Integration - Multiple Vulnerabilities

By Drupal Security Team on 28 Oct 2009 at 20:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-084
Project: LDAP Integration (third-party module)
Version: 6.x, 5.x
Date: 2009-October-28
Security risk: Critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2009-083 - CCK Comment Reference - Access Bypass

By Drupal Security Team on 28 Oct 2009 at 20:53 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-083
Project: CCK Comment Reference (third-party module)
Version: 6.x
Date: 2009-October-28
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2009-082 - Filefield module access bypass

By greggles on 21 Oct 2009 at 22:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-082
Project: FileField (third-party module)
Version: 6.x
Date: 2009-October-20
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2009-081 - Abuse - Cross Site Scripting

By meba on 21 Oct 2009 at 21:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-081
Project: Abuse (third-party module)
Version: 5.x, 6.x
Date: 2009 October 21
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-080 - Simplenews Statistics - Multiple vulnerabilities

By Drupal Security Team on 21 Oct 2009 at 20:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-080
Project: Simplenews Statistics (third-party module)
Version: 6.x
Date: 2009 October 21
Security risk: Critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities (XSS, CSRF, Open Redirect)

SA-CONTRIB-2009-079 - vCard - Cross Site Scripting

By Drupal Security Team on 21 Oct 2009 at 20:31 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-079
Project: vCard module (third-party module)
Version: 6.x, 5.x
Date: 2009-October-21
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-078 - Moodle Course List - SQL Injection

By Drupal Security Team on 21 Oct 2009 at 20:23 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-078
Project: Moodle Course List module (third-party module)
Version: 6.x
Date: 2009-October-21
Security risk: Critical
Exploitable from: Remote
Vulnerability: SQL Injection

SA-CONTRIB-2009-075 - OG Vocabulary 5.x

By greggles on 21 Oct 2009 at 19:29 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-075
Project: Organic Groups Vocabulary (third-party module)
Version: 5.x
Date: 2009-October-21
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS