Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2012-083 - Taxonomy List - Cross Site Scripting (XSS)

By Drupal Security Team on 23 May 2012 at 16:08 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-083
Project: Taxonomy List (third-party module)
Version: 6.x
Date: 2012-May-23
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-082 - Zen - Cross Site Scripting

By Drupal Security Team on 16 May 2012 at 20:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-082
Project: Zen (third-party theme)
Version: 6.x
Date: 2012-May-16
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-081 - Aberdeen - Cross Site Scripting

By Drupal Security Team on 16 May 2012 at 20:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-081
Project: Aberdeen (third-party theme)
Version: 6.x
Date: 2012-May-16
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-080 - Hostmaster (Aegir) - Access Bypass and Cross Site Scripting (XSS)

By Drupal Security Team on 16 May 2012 at 16:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-080
Project: Hostmaster (Aegir) (third-party module)
Version: 6.x
Date: 2012-May-16
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2012-079 - Post Affiliate Pro - Cross Site Scripting (XSS) and Access Bypass - Unsupported

By Drupal Security Team on 16 May 2012 at 16:21 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-079
Project: Post Affiliate Pro (third-party module)
Version: 6.x
Date: 2012-May-16
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Access bypass

SA-CONTRIB-2012-078 - Smart Breadcrumb - Cross Site Scripting (XSS)

By Drupal Security Team on 16 May 2012 at 15:30 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-078
Project: Smart Breadcrumb (third-party module)
Version: 6.x
Date: 2012-May-16
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS