Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

Search API Sorts - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2017-016

By Drupal Security Team on 15 Feb 2017 at 16:30 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-016
Project: Search API sorts (third-party module)
Version: 7.x
Date: 2017-February-15
Security risk: 12/25 ( Moderately Critical) AC:Complex/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Hotjar - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2017-015

By Drupal Security Team on 15 Feb 2017 at 16:19 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-015
Project: Hotjar (third-party module)
Version: 7.x, 8.x
Date: 2017-February-15
Security risk: 12/25 ( Moderately Critical) AC:Complex/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

OSF for Drupal - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2017-014

By Drupal Security Team on 8 Feb 2017 at 19:20 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-014
Project: OSF for Drupal (third-party module)
Version: 7.x
Date: 2017-February-08
Security risk: 5/25 ( Less Critical) AC:Basic/A:Admin/CI:None/II:None/E:Theoretical/TD:Uncommon
Vulnerability: Cross Site Scripting

Acquia Content Hub - Moderately Critical - Access Bypass - SA-CONTRIB-2017-013

By Drupal Security Team on 8 Feb 2017 at 18:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-013
Project: Acquia Content Hub (third-party module)
Version: 8.x
Date: 2017-February-08
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:All
Vulnerability: Access bypass

Wetkit Omega - Moderately Critical - Access Bypass - SA-CONTRIB-2017-012

By Drupal Security Team on 8 Feb 2017 at 17:00 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-012
Project: Web Experience Toolkit: Omega (third-party module)
Version: 7.x
Date: 2017-February-08
Security risk: 10/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:None/E:Proof/TD:Uncommon
Vulnerability: Access bypass

Facebook Pull - Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2017-011

By Drupal Security Team on 8 Feb 2017 at 16:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-011
Project: Facebook Pull (third-party module)
Version: 7.x
Date: 2017-February-08
Security risk: 15/25 ( Critical) AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS