Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2012-089 - Counter - SQL Injection (unsupported)

By Drupal Security Team on 30 May 2012 at 18:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-089
Project: Counter (third-party module)
Version: 6.x
Date: 2012-May-30
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: SQL Injection

SA-CONTRIB-2012-088 - Mobile Tools - Cross Site Scripting (XSS)

By Drupal Security Team on 30 May 2012 at 18:14 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-088
Project: Mobile Tools (third-party module)
Version: 6.x
Date: 2012-May-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-087 - Comment Moderation - Cross Site Request Forgery

By Drupal Security Team on 30 May 2012 at 18:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-087
Project: Comment Moderation (third-party module)
Version: 6.x
Date: 2012-May-30
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2012-086 - Amadou - Cross Site Scripting

By Drupal Security Team on 30 May 2012 at 17:44 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-086
Project: Amadou (third-party theme)
Version: 6.x
Date: 2012-May-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-085 - BrowserID - Multiple Vulnerabilities

By Drupal Security Team on 23 May 2012 at 17:56 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-085
Project: BrowserID (Mozilla Persona) (third-party module)
Version: 7.x
Date: 2012-May-23
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery (results in Privilege Escalation)

SA-CONTRIB-2012-084 - Search API - Cross Site Scripting (XSS)

By Drupal Security Team on 23 May 2012 at 17:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-084
Project: Search API (third-party module)
Version: 7.x
Date: 2012-May-23
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS