Taxonomy Term Reference Tree Widget - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-006

Date: 
2018-January-31

This module provides an expandable tree widget for the Taxonomy Term Reference field in Drupal 7.

The module doesn't sufficiently sanitize the output of its own defined field formatter.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission that allows editing terms of a taxonomy whose output the module handles.

Sagepay - Critical - Access Bypass - SA-CONTRIB-2018-005

Date: 
2018-January-31

This module integrates the Sagepay payment service.

Some of the URLs used while processing the payment are not sufficiently secured. This might allow attackers to resume a previously failed payment attempt or to view content that should only be shown after a successful payment. This affects all payments in a Drupal installation with this module enabled (including payments made using other payment methods).

Backup and Migrate - Critical - Arbitrary PHP code execution - SA-CONTRIB-2018-004

Date: 
2018-January-24

This module enables you to create manual and scheduled backups of a site, and restore the site from backup.

The module doesn't sufficiently identify that its custom permissions are risky and should only be granted to highly trusted roles.

Sites using this module should review the permissions page to verify only trusted users are granted permissions defined by the module.

Bible - Critical - Multiple Vulnerabilities - SA-CONTRIB-2018-003

Date: 
2018-January-17

This module enables you to display a Bible on your website. Users can associate notes with a Bible version.

This module has a vulnerability that would allow an attacker to wipe out, update or read notes from other users with a carefully crafted title.

A user must have the "Access Bible content" privilege, which is most likely the default if you have enabled this module.

Node View Permissions - Moderately critical - Access Bypass - SA-CONTRIB-2018-002

Date: 
2018-January-10

The Node view permissions module enables the "View own content" and "View any content" permissions for each content type on the permissions page.

This module has a vulnerability that allows users with these permissions to view unpublished content that they are not otherwise authorized to view.

This issue was fixed by the maintainer outside of the normal security team protocols. Some issues were patched in 2014 for the 7.x version of this module. The 8.x release was updated within the last 6 months. Both are now flagged as security updates.

Stacks - Critical - Arbitrary PHP code execution - SA-CONTRIB-2018-001

Date: 
2018-January-10

This module enables content editors to create complex pages and layouts on the fly without the help from a developer, using reusable widgets.

The module does not sufficiently filter values posted to its AJAX endpoint, which leads to the instantiation of an arbitrary PHP class.

This vulnerability is mitigated by the fact that only sites with the Stacks - Content Feed submodule enabled are affected.

me aliases - Highly critical - Arbitrary code execution - SA-CONTRIB-2017-097

Date: 
2017-December-20

The 'me' module provides shortcut paths to the current user's pages, e.g. user/me, blog/me, user/me/edit, tracker/me, etc.

The way 'me' module handles URL arguments allows an attacker to execute arbitrary code strings.

Directory based organisational layer - Critical - Unsupported - SA-CONTRIB-2017-096

Date: 
2017-December-20

This module adds a new organizational layer to Drupal, making it easy to manage large numbers of files and nodes.

The security team is marking this module unsupported. There is a known security issue with the module that has not been fixed by the maintainer. The security team takes action in cases like this without regard to the severity of the security issue in question. If you would like to maintain this module, please read: https://www.drupal.org/node/251466

ComScore direct tag - Less critical - Cross site scripting - SA-CONTRIB-2017-095

Date: 
2017-December-20

This module enables you to use the comScore Direct analytics system on a site.

The module doesn't sufficiently sanitize one of the configuration variables prior to rendering it.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission "Administer comScore direct".

Link Click Count - Critical - Unsupported - SA-CONTRIB-2017-094

Date: 
2017-December-20

The Link Click Count module helps you to monitor the traffic to your website by creating link fields. These link fields can be individual links or internal/external links that can be added to the content type.
