tokenauth 6.x-1.7

Git tag 6.x-1.7
Security update
Bug fixes

See SA-CONTRIB-2012-091 - Tokenauth - Access bypass.

node_embed 7.x-1.0

Git tag 7.x-1.0
Security update
Bug fixes
Insecure

SA-CONTRIB-2012-093 - Node Embed - Access Bypass
Security update to add permission to node list used in CKEditor and #1481526: Suppress Administration Menu module's toolbar in the Node Embed popup

protest 7.x-1.2

Git tag 7.x-1.2
Security update

SA-CONTRIB-2012-097 - Protest - Cross Site Scripting (XSS).

protest 6.x-1.2

Git tag 6.x-1.2
Security update

SA-CONTRIB-2012-097 - Protest - Cross Site Scripting (XSS).

maestro 7.x-1.2

Git tag 7.x-1.2
Security update
Insecure

Fixed security related issues that could allow a XSS or CSRF attack and potentially allow someone to post a link that an maestro admin clicks on and deletes workflow related data. Added token support to all forms and AJAX actions to secure all forms and admin/user actions. See SA-CONTRIB-2012-094 - Maestro module - Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS) for more details.

Additional fixes and changes from previous commits to the dev branch include:

lang_dropdown 7.x-1.4

Git tag 7.x-1.4
Security update
Bug fixes

Changes since 7.x-1.3:

Pages

Subscribe with RSS Subscribe to RSS - Security update