Skip to main content
Skip to search
Can we use first and third party cookies and web beacons to
understand our audience, and to tailor promotions you see
?
Yes, please
No, do not track me
Drupal.org home
Discover Drupal
Drupal Core
Drupal CMS
Drupal AI
Case Studies
Drupal for Government
Drupal for Higher Education
Drupal for Nonprofit
Drupal for eCommerce
Drupal for FinTech
Drupal for Healthcare
Drupal for Enterprise
Drupal for Retail
Drupal for Travel & Tourism
Build with Drupal
Download Drupal
Documentation
Getting started
Local Development Guide
Developer Resources
Drupal CMS User Guide
Drupal User Guide
API
Modules
Themes
Recipes
Site Templates
Issue queues
Security Advisories
Partners & Services
Find a Drupal Certified Partner
Become a Drupal Certified Partner
Find a Hosting Provider
Find a Migration Partner
Find Training
Drupal Steward
Community
About the Community
How to Contribute
DrupalCon
Events
Jobs / Careers
News & Blogs
Forum
Slack
Newsletters
Drupal Swag Shop
Support Drupal
The Drupal Association
Donate
Become a Partner
Become a Ripple Maker
Become an Organization Member
Drupal Swag Shop
Get Started
Try Drupal CMS
Try Hosting
Return to content
Search form
Search
Log in
Create account
Security advisories
Show advisories for
only Drupal Core
,
only contributed projects
, or
only
PSAs
Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003
By
Drupal Security Team
on
19 Aug 2015 at 19:27 UTC
Advisory ID: DRUPAL-SA-CORE-2015-003
Project:
Drupal core
Version: 6.x, 7.x
Date: 2015-August-19
Security risk:
18/25 (
Critical
) AC:Complex/A:User/CI:All/II:All/E:Proof/TD:All
Vulnerability: Cross Site Scripting, Access bypass, SQL Injection, Open Redirect, Multiple vulnerabilities
Search API Autocomplete - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-140
By
Drupal Security Team
on
19 Aug 2015 at 15:02 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2015-140
Project:
Search API Autocomplete
(third-party module)
Version: 7.x
Date: 2015-August-19
Security risk:
6/25 (
Less Critical
) AC:Complex/A:User/CI:None/II:None/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting
Workbench Email - Moderately Critical - Access bypass - DRUPAL-SA-CONTRIB-2015-139
By
Drupal Security Team
on
19 Aug 2015 at 14:52 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2015-139
Project:
Workbench Email
(third-party module)
Version: 7.x
Date: 2015-August-19
Security risk:
10/25 (
Moderately Critical
) AC:Basic/A:User/CI:None/II:Some/E:Theoretical/TD:Default
Vulnerability: Access bypass
Compass Rose - Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-138
By
Drupal Security Team
on
5 Aug 2015 at 15:47 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2015-138
Project:
Compass Rose
(third-party module)
Version: 6.x
Date: 2015-August-05
Security risk:
17/25 (
Critical
) AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting
Quick Edit - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-137
By
Drupal Security Team
on
5 Aug 2015 at 15:38 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2015-137
Project:
Quick Edit
(third-party module)
Version: 7.x
Date: 2015-August-05
Security risk:
14/25 (
Moderately Critical
) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting, Multiple vulnerabilities
Commerce Commonwealth (CBA) - Moderately Critical - Insufficient Verification of API Data - SA-CONTRIB-2015-136
By
Drupal Security Team
on
29 Jul 2015 at 21:06 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2015-136
Project:
Commerce Commonwealth (CBA)
(third-party module)
Version: 7.x
Date: 2015-August-05
Security risk:
12/25 (
Moderately Critical
) AC:Complex/A:None/CI:None/II:Some/E:Theoretical/TD:All
Vulnerability: Multiple vulnerabilities
Time Tracker - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-135
By
Drupal Security Team
on
22 Jul 2015 at 15:54 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2015-135
Project:
Time Tracker
(third-party module)
Version: 7.x
Date: 2015-July-22
Security risk:
14/25 (
Moderately Critical
) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting, Multiple vulnerabilities
OSF for Drupal - Critical - Multiple vulnerabilities - SA-CONTRIB-2015-134
By
Drupal Security Team
on
22 Jul 2015 at 15:46 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2015-134
Project:
OSF for Drupal
(third-party module)
Version: 7.x
Date: 2015-July-22
Security risk:
15/25 (
Critical
) AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting, Access bypass, Cross Site Request Forgery
Path Breadcrumbs - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-133
By
Drupal Security Team
on
15 Jul 2015 at 16:30 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2015-133
Project:
Path Breadcrumbs
(third-party module)
Version: 7.x
Date: 2015-July-15
Security risk:
7/25 (
Less Critical
) AC:Basic/A:Admin/CI:None/II:None/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting
Administration Views - Critical - Information Disclosure - SA-CONTRIB-2015-132
By
Drupal Security Team
on
8 Jul 2015 at 17:39 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2015-132
Project:
Administration Views
(third-party module)
Version: 7.x
Date: 2015-July-08
Security risk:
15/25 (
Critical
) AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:All
Vulnerability: Information Disclosure
Pages
« first
‹ previous
…
90
91
92
93
94
95
96
97
98
…
next ›
last »
Subscribe with RSS
