Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

Web Links - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-110

By Drupal Security Team on 20 May 2015 at 16:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-110
Project: Web Links (third-party module)
Version: 6.x, 7.x
Date: 2015-May-20
Security risk: 7/25 ( Less Critical) AC:Basic/A:User/CI:None/II:None/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting

pass2pdf - Critical - Information Disclosure - Unsupported - SA-CONTRIB-2015-109

By Drupal Security Team on 20 May 2015 at 16:15 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-109
Project: pass2pdf (third-party module)
Version: 7.x
Date: 2015-May-20
Security risk: 18/25 ( Critical) AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Information Disclosure

Mobile sliding menu - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-108

By Drupal Security Team on 6 May 2015 at 18:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-108
Project: Mobile sliding menu (third-party module)
Version: 7.x
Date: 2015-May-06
Security risk: 5/25 ( Less Critical) AC:Complex/A:Admin/CI:None/II:None/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting

Webform Matrix Component - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-107

By Drupal Security Team on 6 May 2015 at 18:42 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-107
Project: Webform Matrix Component (third-party module)
Version: 7.x
Date: 2015-May-06
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Entityform Block - Moderately Critical - Access Bypass - SA-CONTRIB-2015-106

By Drupal Security Team on 6 May 2015 at 17:20 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-106
Project: Entityform block (third-party module)
Version: 7.x
Date: 2015-May-06
Security risk: 12/25 (Moderately Critical) AC:None/A:None/CI:None/II:None/E:Theoretical/TD:All
Vulnerability: Access bypass

Video Consultation - Moderately Critical - Cross Site Scripting (XSS) - Unsupported - SA-CONTRIB-2015-105

By Drupal Security Team on 6 May 2015 at 17:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-105
Project: Video Consultation (third-party module)
Version: 6.x, 7.x
Date: 2015-May-06
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Dynamic display block - Less Critical - Access bypass - SA-CONTRIB-2015-104

By Drupal Security Team on 6 May 2015 at 17:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-104
Project: Dynamic display block (third-party module)
Version: 7.x
Date: 2015-May-06
Security risk: 7/25 ( Less Critical) AC:Complex/A:Admin/CI:Some/II:None/E:Theoretical/TD:Uncommon
Vulnerability: Access bypass

Views - Critical - Access Bypass - SA-CONTRIB-2015-103

By Drupal Security Team on 29 Apr 2015 at 16:55 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-103
Project: Views (third-party module)
Version: 7.x
Date: 2015-April-29
Security risk: 15/25 ( Critical) AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:All
Vulnerability: Access bypass

Smart Trim - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-102

By Drupal Security Team on 29 Apr 2015 at 16:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-102
Project: Smart Trim (third-party module)
Version: 7.x
Date: 2015-April-29
Security risk: 5/25 ( Less Critical) AC:Complex/A:Admin/CI:None/II:None/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting

MailChimp - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-101

By Drupal Security Team on 29 Apr 2015 at 15:11 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-101
Project: MailChimp (third-party module)
Version: 7.x
Date: 2015-April-29
Security risk: 11/25 ( Moderately Critical) AC:Basic/A:User/CI:None/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS

Web Links - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-110

pass2pdf - Critical - Information Disclosure - Unsupported - SA-CONTRIB-2015-109

Mobile sliding menu - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-108

Webform Matrix Component - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-107

Entityform Block - Moderately Critical - Access Bypass - SA-CONTRIB-2015-106

Video Consultation - Moderately Critical - Cross Site Scripting (XSS) - Unsupported - SA-CONTRIB-2015-105

Dynamic display block - Less Critical - Access bypass - SA-CONTRIB-2015-104

Views - Critical - Access Bypass - SA-CONTRIB-2015-103

Smart Trim - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-102

MailChimp - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-101

Pages

News items

Our community

Documentation

Drupal code base

Governance of community