Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

Skype Status - Moderately Critical - Cross Site Scripting - DRUPAL-SA-CONTRIB-2017-076

By Drupal Security Team on 20 Sep 2017 at 18:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-076
Project: Skype Status (third-party module)
Version: 7.x
Date: 2017-September-20
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Page Access - Unsupported - SA-CONTRIB-2017-075

By Drupal Security Team on 20 Sep 2017 at 18:43 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-075
Project: Page Access (third-party module)
Date: 20-September-2017

Flag clear - Moderately Critical - CSRF - DRUPAL-SA-CONTRIB-2017-074

By Drupal Security Team on 13 Sep 2017 at 16:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-074
Project: Flag clear (third-party module)
Version: 7.x
Date: 2017-September-13
Security risk: 14/25 ( Moderately Critical) AC:None/A:None/CI:None/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Request Forgery

CAPTCHA - Moderately Critical - Denial of Service - SA-CONTRIB-2017-073

By Drupal Security Team on 6 Sep 2017 at 19:21 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-073
Project: CAPTCHA (third-party module)
Version: 7.x
Date: 2017-September-06
Security risk: 10/25 ( Moderately Critical) AC:Basic/A:None/CI:None/II:None/E:Proof/TD:Default
Vulnerability: Denial of Service

Clientside Validation - Critical - Arbitary PHP Execution - DRUPAL-SA-CONTRIB-2017-072

By Drupal Security Team on 6 Sep 2017 at 17:20 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-072
Project: Clientside Validation (third-party module)
Version: 7.x
Date: 2017-September-06
Security risk: 16/25 ( Critical) AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Arbitrary PHP code execution

H5P - Critical - Reflected Cross Site Scripting (XSS) - DRUPAL-SA-CONTRIB-2017-071

By Drupal Security Team on 30 Aug 2017 at 17:10 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-071
Project: H5P- Create and Share Rich Content and Applications (third-party module)
Version: 7.x
Date: 2017-August-30
Security risk: 18/25 ( Critical) AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS