Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-072 - cctags - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-072
  • Project: cctags (third-party module)
  • Version: 6.x, 7.x
  • Date: 2012-May-02
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x, Drupal 7.x

SA-CORE-2012-002 - Drupal core multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CORE-2012-002
  • Project: Drupal core
  • Version: 7.x
  • Date: 2012-May-2
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Denial of Service, Access bypass, Unvalidated form redirect
Categories: Drupal 7.x

SA-CONTRIB-2012-071 - Glossify - Cross Site Scripting (XSS) - Unsupported

By Drupal Security Team on
Categories: Drupal 6.x

SA-CONTRIB-2012-070 - Taxonomy Grid : Catalog - Cross Site Scripting (XSS) - Unsupported

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-070
  • Project: Taxonomy Grid : Catalog (third-party module)
  • Version: 6.x
  • Date: 2012-May-02
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2012-069 - Addressbook - Multiple vulnerabilities - Unsupported

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-069
  • Project: Addressbook (third-party module)
  • Version: 6.x
  • Date: 2012-May-02
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting, Cross Site Request Forgery, SQL Injection
Categories: Drupal 6.x

SA-CONTRIB-2012-068 - Node Gallery - Cross Site Request Forgery (CSRF) - Unsupported

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-068
  • Project: Node Gallery (third-party module)
  • Version: 6.x
  • Date: 2012-May-02
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Request Forgery
Categories: Drupal 6.x

SA-CONTRIB-2012-067 - Linkit - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-067
  • Project: Linkit (third-party module)
  • Version: 7.x
  • Date: 2012-April-25
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 7.x

SA-CONTRIB-2012-066 - Spaces and Spaces OG - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-066
  • Project: Spaces (third-party module)
  • Version: 6.x
  • Date: 2012-April-25
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-CONTRIB-2012-065 - Sitedoc - Information disclosure

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-065
  • Project: Site Documentation (third-party module)
  • Version: 6.x
  • Date: 2012-April-25
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Information Disclosure
Categories: Drupal 6.x

SA-CONTRIB-2012-064 - Ubercart - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-064
  • Project: Ubercart (third-party module)
  • Version: 6.x, 7.x
  • Date: 2012-April-25
  • Security risk: Moderately critical
  • Exploitable from: Varies (Local & Remote)
  • Vulnerability: Cross Site Scripting, Arbitrary PHP code execution, Multiple vulnerabilities
Categories: Drupal 6.x, Drupal 7.x

Pages

Subscribe with RSS Subscribe to Security advisories