Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2014-021 - Maestro - Cross Site Scripting (XSS)

By Drupal Security Team on 19 Feb 2014 at 14:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-021
Project: Maestro (third-party module)
Version: 7.x
Date: 2014-February-19
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-020 - Drupal Commons - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Feb 2014 at 21:13 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-020
Project: Drupal Commons (third-party distribution)
Version: 7.x
Date: 2014-02-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-019 - Easy Social - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Feb 2014 at 19:58 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-019
Project: Easy Social (third-party module)
Version: 7.x
Date: 2014-February-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-018 - Webform - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Feb 2014 at 16:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-018
Project: Webform (third-party module)
Version: 6.x, 7.x
Date: 2014-February-12
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-017- Image Resize Filter - Denial of Service (DOS)

By Drupal Security Team on 12 Feb 2014 at 16:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-017
Project: Image Resize Filter (third-party module)
Version: 6.x, 7.x
Date: 2014-February-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Denial of Service (DOS)

SA-CONTRIB-2014-016 - Mayo Theme - XSS Vulnerability

By Drupal Security Team on 12 Feb 2014 at 16:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-016
Project: MAYO (third-party theme)
Version: 7.x
Date: 2014-02-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-015 - FileField - Access Bypass

By Drupal Security Team on 12 Feb 2014 at 16:23 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-015
Project: FileField (third-party module)
Version: 6.x
Date: 2014-02-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-014 - Webform Validation - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Feb 2014 at 16:10 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-014
Project: Webform Validation (third-party module)
Version: 6.x, 7.x
Date: 2014-February-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-013- Chaos tool suite (ctools) - Access Bypass

By Drupal Security Team on 12 Feb 2014 at 15:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-013
Project: Chaos tool suite (ctools) (third-party module)
Version: 6.x, 7.x
Date: 2014-02-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-012- Modal Frame API - Cross Site Scripting (XSS)

By Drupal Security Team on 5 Feb 2014 at 21:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-012
Project: Modal Frame API (third-party module)
Version: 6.x
Date: 2014-February-05
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS