profile2_privacy 7.x-1.5

Git tag 7.x-1.5
Security update

See SA-CONTRIB-2015-080 - Profile2 Privacy - Cross Site Scripting (XSS)

webform 7.x-4.5

Git tag 7.x-4.5
Security update
Bug fixes
Insecure

This release of 7.x-4.x fixes one security issues and a number of bugs. Updating is strongly recommended for all users of the 7.x-4.x branch. See SA-CONTRIB-2015-078 - Webform - Cross Site Scripting (XSS) for details.

Security issue

When a webform component is used as the "To" address or addresses for sending an e-mail, the name of the component is not sufficiently sanitized when it is displayed in the list of e-mail settings, leading to a Cross Site Scripting (XSS) vulnerability.

webform 7.x-3.23

Git tag 7.x-3.23
Security update
Bug fixes
Insecure

This release of 7.x-3.x fixes one security issue and a number of bugs. Updating is strongly recommended for all users of the webform 7.x-3.x branch.
See SA-CONTRIB-2015-078 - Webform - Cross Site Scripting (XSS) for details.

webform 6.x-3.23

Git tag 6.x-3.23
Security update

This release of 6.x-3.x fixes one security issue. Updating is strongly recommended for all Drupal 6 webform users.
See SA-CONTRIB-2015-078 - Webform - Cross Site Scripting (XSS) for details.

Security issue

When a webform component is used as the "To" address or addresses for sending an e-mail, the name of the component is not sufficiently sanitized when it is displayed in the list of e-mail settings, leading to a Cross Site Scripting (XSS) vulnerability.

tracking_code 7.x-1.6

Git tag 7.x-1.6
Security update

Issue #2450135 by FatherShawn: Fix SA-CONTRIB-2015-066 - Tracking Code - Cross Site Request Forgery (CSRF)

campaignmonitor 7.x-1.1

Git tag 7.x-1.1
Security update

Issue #2449747 by andrechun, xtfer: Fixes SA-CONTRIB-2015-068 - Campaign Monitor - Cross Site Request Forgery (CSRF)

Pages

Subscribe with RSS Subscribe to RSS - Security update