Skip to main content
Skip to search
Can we use first and third party cookies and web beacons to
understand our audience, and to tailor promotions you see
?
Yes, please
No, do not track me
Drupal.org home
Why Drupal?
About Drupal
Platform overview
Drupal 10
Content Authoring
Content as a Service
Decoupled
Accessibility
Marketing Automation
Multilingual
Security
Personalization
Case studies
Video series
News
Use cases
For Developers
For Marketers
E-commerce
Education
FinTech
Government
Healthcare
High Tech
Nonprofit
Retail
Travel
Resources
Installing Drupal
Documentation
User guide
Local Development Guide
Security
News
Blog
Drupal 7 Migrations
Services
Find an Agency Partner
Find a D7 Migration Partner
Find Integrations & Hosting
Find Drupal Training
Become a Certified Partner
Community
How to Contribute
About the Community
Support
Community Governance
Jobs/Careers
Events
DrupalCon Portland 2024
DrupalCon Barcelona 2024
Community Events
Download
Download
Modules
Themes
Distributions
Issue queues
Browse Repository
Give
Drupal Association
Become an Organization Member
Become a Certified Partner
Become an Individual Member
Make a Donation
Discover Drupal
Drupal Swag Shop
Demo
Demo online
Download
Return to content
Search form
Search
Log in
Create account
Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Learn more
Deprecated - Security advisories for Drupal core
This forum is deprecated —
view current Drupal core security advisories
Drupal core - Cross site request forgeries
By
Heine
on
26 Jul 2007 at 18:58 UTC
Advisory ID: DRUPAL-SA-2007-017
Project: Drupal core
Version: 5.x
Date: 2007-July-26
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple cross site request forgeries
DRUPAL-SA-2007-005 - Drupal core - Arbitrary code execution
By
Heine
on
29 Jan 2007 at 19:11 UTC
Advisory ID: DRUPAL-SA-2007-005
Project: Drupal core
Version: 4.7.x, 5.x
Date: 2007-Jan-29
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution
Drupal core - Denial of service
By
Heine
on
19 Dec 2006 at 15:53 UTC
Advisory ID: DRUPAL-SA-2007-002.
Project: Drupal Core.
Version: 4.6, 4.7
Date: 2007-Jan-05.
Security risk: Less critical.
Exploitable from: Remote.
Vulnerability: Denial of service.
Drupal core - Cross site scripting
By
Heine
on
19 Dec 2006 at 15:43 UTC
Advisory ID: DRUPAL-SA-2007-001.
Project: Drupal Core.
Version: 4.6, 4.7.
Date: 2007-Jan-05.
Security risk: Less critical.
Exploitable from: Remote.
Vulnerability: Cross site scripting.
DRUPAL-SA-2006-026 - Drupal core - Form action attribute injection
By
Heine
on
12 Oct 2006 at 11:55 UTC
Advisory ID: DRUPAL-SA-2006-026
Project: Drupal core
Date: 2006-Oct-18
Security risk: Less critical
Exploitable from: Remote
Vulnerability: HTML attribute injection
DRUPAL-SA-2006-025 - Drupal core - Cross site request forgeries
By
Heine
on
12 Oct 2006 at 11:50 UTC
Advisory ID: DRUPAL-SA-2006-025
Project: Drupal core
Date: 2006-Oct-18
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Cross site request forgeries
Pages
« first
‹ previous
…
6
7
8
9
10
11
12
13
14
next ›
last »
Subscribe with RSS