Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

Storage API stream wrappers - Moderately Critical - Access bypass - SA-CONTRIB-2017-010

By Drupal Security Team on 8 Feb 2017 at 16:27 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-010
Project: Storage API stream wrappers (third-party module)
Version: 7.x
Date: 2017-February-08
Security risk: 13/25 ( Moderately Critical) AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon
Vulnerability: Access bypass

Better Exposed Filters - Less Critical - Cross Site Sscripting (XSS) - SA-CONTRIB-2017-009

By Drupal Security Team on 1 Feb 2017 at 15:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-009
Project: Better Exposed Filters (third-party module)
Version: 7.x
Date: 2017-February-01
Security risk: 7/25 ( Less Critical) AC:Complex/A:Admin/CI:None/II:Some/E:Theoretical/TD:Uncommon
Vulnerability: Cross Site Scripting

SalesCloud - Critical - Unsupported - SA-CONTRIB-2017-008

By Drupal Security Team on 25 Jan 2017 at 18:21 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-008
Project: Salescloud (third-party module)
Version: 7.x
Date: 2017-Jan-25
Security risk: 19/25 ( Critical) AC:None/A:None/CI:Some/II:Some/E:Proof/TD:All

Microblog - Critical - Unsupported - SA-CONTRIB-2017-007

By Drupal Security Team on 25 Jan 2017 at 18:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-007
Project: microblog (third-party module)
Version: 7.x
Date: 2017-Jan-25
Security risk: 19/25 ( Critical) AC:None/A:None/CI:Some/II:Some/E:Proof/TD:All

OAuth - Less Critical - Access Bypass - SA-CONTRIB-2017-006

By Drupal Security Team on 25 Jan 2017 at 18:14 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-006
Project: OAuth (third-party module)
Version: 7.x
Date: 2017-January-25
Security risk: 8/25 ( Less Critical) AC:Complex/A:Admin/CI:None/II:Some/E:Theoretical/TD:Default
Vulnerability: Access bypass

Mailjet - Highly critical - Arbitrary PHP code execution - SA-CONTRIB-2017-005

By Drupal Security Team on 11 Jan 2017 at 16:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2017-005
Project: (third-party module)
Version: 7.x
Date: 2017-January-11
Security risk: 23/25 ( Highly Critical) AC:None/A:User/CI:All/II:All/E:Exploit/TD:All
Vulnerability: Arbitrary PHP code execution

Pages

Subscribe with RSS