Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2009-103 - Strongarm - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-103
  • Project: Strongarm (third-party module)
  • Version: 6.x
  • Date: 2009 November 18
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-102 - PHPList Integration Module - Cross Site Request Forgery

By pwolanin on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-102
  • Project: PHPList Inegration Module (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-November-18
  • Security risk: Less Critical
  • Exploitable from: Remote
  • Vulnerability: Cross site request forgery
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-101 - Web Services - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-101
  • Project: Web Services (third-party theme)
  • Version: 6.x
  • Date: 2009-November-11
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Access Bypass

SA-CONTRIB-2009-100 - AddToAny - Cross Site Scripting

By undefined on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-100
  • Project: AddToAny (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009 November 11
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-099 - RootCandy Theme - Cross Site Scripting

By meba on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-099
  • Project: RootCandy (third-party theme)
  • Version: 6.x
  • Date: 2009-November-11
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-098 - Zoomify - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-098
  • Project: Zoomify (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-November-4
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2009-097 - Organic Groups Vocabulary - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-097
  • Project: Organic Groups Vocabulary (third-party module)
  • Version: 6.x
  • Date: 2009-November-4
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-096 - Link - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-096
  • Project: Link (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-November-4
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-095 - Smartqueue OG - Access Bypass

By Drupal Security Team on
  • Advisory ID: SA-CONTRIB-2009-095
  • Project: Smartqueues for Organic Groups (smartqueue_og) (third-party module)
  • Version: 6.x
  • Date: 2009 November 4
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-CONTRIB-2009-094 - NGP COO/CWP Integration (crmngp) - Multiple Vulnerabilities

By coltrane on
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-094
  • Project: NGP COO/CWP Integration (crmngp) (third-party module)
  • Version: 6.x
  • Date: 2009-November-4
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross-site scripting and Access bypass

Pages

Subscribe with RSS Subscribe to Security advisories