Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2012-101 - Protected Node - Access Bypass

By Drupal Security Team on 13 Jun 2012 at 18:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-101
Project: Protected node (third-party module)
Version: 6.x
Date: 2012-June-13
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-100 - SimpleMeta - Cross Site Request Forgery (CSRF)

By Drupal Security Team on 13 Jun 2012 at 18:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-100
Project: SimpleMeta (third-party module)
Version: 6.x
Date: 2012-June-13
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2012-099 - Node Hierarchy - Cross Site Request Forgery (CSRF)

By Drupal Security Team on 13 Jun 2012 at 18:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-099
Project: Node Hierarchy (third-party module)
Version: 6.x
Date: 2012-June-13
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2012-098 - Janrain Capture - Open Redirect

By Drupal Security Team on 13 Jun 2012 at 18:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-098
Project: Janrain Capture (third-party module)
Version: 6.x, 7.x
Date: 2012-June-13
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Open Redirect

SA-CONTRIB-2012-097 - Protest - Cross Site Scripting (XSS)

By Drupal Security Team on 6 Jun 2012 at 20:02 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-097
Project: Protest (third-party module)
Version: 6.x, 7.x
Date: 2012-June-06
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-096 - Authoring HTML - Cross Site Scripting (XSS)

By Drupal Security Team on 6 Jun 2012 at 19:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-096
Project: Authoring HTML (third-party module)
Version: 6.x
Date: 2012-June-06
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS