Show advisories for only Drupal Core, only contributed projects, or only PSAs

Entity Backup - Critical - Module Unsupported - SA-CONTRIB-2018-012

Date: 
2018-February-14
Security risk: 
Critical 18 ∕ 25 AC:None/A:None/CI:Some/II:Some/E:Proof/TD:Default

The main purpose of the Entity Backup module is to keep a backup of deleted Drupal core entities and perform recovery of them.

The security team is marking this module unsupported. There is a known security issue with the module that has not been fixed by the maintainer. If you would like to maintain this module, please read: https://www.drupal.org/node/251466

Dynamic Banner - Less critical - Cross site scripting - SA-CONTRIB-2018-011

Date: 
2018-February-14
Security risk: 
Less critical 7 ∕ 25 AC:Basic/A:Admin/CI:None/II:None/E:Theoretical/TD:All

This module enables a site to display different banners (via blocks) on different pages depending upon specific criteria.

The module doesn't sufficiently filter output of banner data.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer dynamic_banner".

Custom Permissions - Moderately critical - Access bypass - SA-CONTRIB-2018-010

Date: 
2018-February-14
Security risk: 
Moderately critical 14 ∕ 25 AC:None/A:User/CI:Some/II:Some/E:Theoretical/TD:Uncommon

This module enables the user to set custom permissions per path.

The module doesn't perform sufficient checks on paths with dynamic arguments (like "node/1" or "user/2"), thereby allowing the site administrator to save custom permissions for paths that won't be protected. This could lead to an access bypass vulnerability if the site is relying on the Custom Permissions module to protect those paths.

This vulnerability is mitigated by the fact that it only occurs on sites which attempted to use the Custom Permissions module to protect dynamic paths.

VChess - Critical - Module Unsupported - SA-CONTRIB-2018-009

Date: 
2018-February-14
Security risk: 
Critical 18 ∕ 25 AC:None/A:None/CI:Some/II:Some/E:Proof/TD:Default

The Drupal VChess module allows users to play a chess game.

The security team is marking this module unsupported. There is a known security issue with the module that has not been fixed by the maintainer. If you would like to maintain this module, please read: https://www.drupal.org/node/251466

Entity Reference Tab / Accordion Formatter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-008

Date: 
2018-February-07
Security risk: 
Moderately critical 14 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All

This module enables you to show referenced entities in tabs.

The module doesn't sufficiently sanitize the body fields of the referenced entities when it prints them to the tabs.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission create/edit content of the content type that is referenced.

FileField Sources - Moderately critical - Access Bypass - SA-CONTRIB-2018-007

Date: 
2018-February-07
Security risk: 
Moderately critical 12 ∕ 25 AC:Complex/A:None/CI:Some/II:None/E:Theoretical/TD:All

This module enables you to upload files to fields via several sources.

The module doesn't sufficiently handle access control under the scenario of the autocomplete path of reference sources.

Taxonomy Term Reference Tree Widget - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-006

Date: 
2018-January-31
Security risk: 
Moderately critical 13 ∕ 25 AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All

This module provides an expandable tree widget for the Taxonomy Term Reference field in Drupal 7.

The module doesn't sufficiently sanitize the output of its own defined field formatter.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission that allows to edit terms of a taxonomy where the module handles its output.

Sagepay - Critical - Access Bypass - SA-CONTRIB-2018-005

Date: 
2018-January-31
Security risk: 
Critical 15 ∕ 25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:All

This module integrates the Sagepay payment service.

Some of the URLs used while processing the payment are not sufficiently secured. This might allow attackers to resume a previously failed payment attempt or to view content that should only be shown after a succesful payment. This affects all payments in a Drupal installation with this module enabled (including payments made using other payment methods).

Backup and Migrate - Critical - Arbitrary PHP code execution - SA-CONTRIB-2018-004

Date: 
2018-January-24
Security risk: 
Critical 15 ∕ 25 AC:Basic/A:User/CI:Some/II:All/E:Theoretical/TD:Default

This module enables you to create manual and scheduled backups of a site, and restore the site from backup.

The module doesn't sufficiently identify that its custom permissions are risky and should only be granted to highly trusted roles.

Sites using this module should review the permissions page to verify only trusted users are granted permissions defined by the module.

Bible - Critical - Multiple Vulnerabilities - SA-CONTRIB-2018-003

Date: 
2018-January-17
Security risk: 
Critical 17 ∕ 25 AC:Basic/A:User/CI:Some/II:All/E:Proof/TD:All

This module enables you to display a Bible on your website. Users can associate notes with a Bible version.

This module has a vulnerability that would allow an attacker to wipe out, update or read notes from other users with a carefully crafted title.

A user must have the "Access Bible content" privilege, which is most likely the default if you have enabled this module.

Pages

Subscribe with RSS Subscribe to Security advisories