Skip to main content
Skip to search
Can we use first and third party cookies and web beacons to
understand our audience, and to tailor promotions you see
?
Yes, please
No, do not track me
Drupal.org home
Discover Drupal
Drupal Core
Drupal CMS
Drupal AI
Case Studies
Drupal for Government
Drupal for Higher Education
Drupal for Nonprofit
Drupal for eCommerce
Drupal for FinTech
Drupal for Healthcare
Drupal for Media & Publishing
Build with Drupal
Download Drupal
Documentation
Getting started
Local Development Guide
Developer Resources
Drupal CMS User Guide
Drupal User Guide
API
Modules
Themes
Distributions
Issue queues
Security Advisories
Partners & Services
Find a Drupal Certified Partner
Become a Drupal Certified Partner
Find a Hosting Provider
Find a Migration Partner
Find Training
Drupal Steward
Community
About the Community
How to Contribute
DrupalCon
Events
Jobs / Careers
News & Blogs
Forum
Slack
Newsletters
Drupal Swag Shop
Support Drupal
The Drupal Association
Donate
Become a Partner
Become a Ripple Maker
Become an Organization Member
Drupal Swag Shop
Return to content
Search form
Search
Log in
Create account
Still on Drupal 7? Security support for Drupal 7 ended on 5 January 2025. Please visit our Drupal 7 End of Life resources page to review all of your options.
Migration Resource Center
Home
Deprecated
Deprecated - Newsletters
Deprecated - Security advisories for contributed projects
This forum is deprecated —
view current Drupal contributed projects security advisories
Skype Status - Moderately Critical - Cross Site Scripting - DRUPAL-SA-CONTRIB-2017-076
By
Drupal Security Team
on
20 Sep 2017 at 18:48 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2017-076
Project:
Skype Status
(third-party module)
Version: 7.x
Date: 2017-September-20
Security risk:
14/25 (
Moderately Critical
) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting
Page Access - Unsupported - SA-CONTRIB-2017-075
By
Drupal Security Team
on
20 Sep 2017 at 18:43 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2017-075
Project:
Page Access
(third-party module)
Date: 20-September-2017
Flag clear - Moderately Critical - CSRF - DRUPAL-SA-CONTRIB-2017-074
By
Drupal Security Team
on
13 Sep 2017 at 16:50 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2017-074
Project:
Flag clear
(third-party module)
Version: 7.x
Date: 2017-September-13
Security risk:
14/25 (
Moderately Critical
) AC:None/A:None/CI:None/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Request Forgery
CAPTCHA - Moderately Critical - Denial of Service - SA-CONTRIB-2017-073
By
Drupal Security Team
on
6 Sep 2017 at 19:21 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2017-073
Project:
CAPTCHA
(third-party module)
Version: 7.x
Date: 2017-September-06
Security risk:
10/25 (
Moderately Critical
) AC:Basic/A:None/CI:None/II:None/E:Proof/TD:Default
Vulnerability: Denial of Service
Clientside Validation - Critical - Arbitary PHP Execution - DRUPAL-SA-CONTRIB-2017-072
By
Drupal Security Team
on
6 Sep 2017 at 17:20 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2017-072
Project:
Clientside Validation
(third-party module)
Version: 7.x
Date: 2017-September-06
Security risk:
16/25 ( Critical) AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Arbitrary PHP code execution
H5P - Critical - Reflected Cross Site Scripting (XSS) - DRUPAL-SA-CONTRIB-2017-071
By
Drupal Security Team
on
30 Aug 2017 at 17:10 UTC
Advisory ID: DRUPAL-SA-CONTRIB-2017-071
Project:
H5P- Create and Share Rich Content and Applications
(third-party module)
Version: 7.x
Date: 2017-August-30
Security risk:
18/25 (
Critical
) AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting
Pages
1
2
3
4
5
6
7
8
9
…
next ›
last »
Subscribe with RSS