Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2012-053 - Organic Groups - Access Bypass

By Drupal Security Team on 28 Mar 2012 at 19:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-053
Project: Organic groups (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-052 - Node Limit Number - Cross Site Request Forgery (CSRF)

By Drupal Security Team on 28 Mar 2012 at 16:55 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-052
Project: Node Limit Number (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2012-051 - Activity - Multiple Vulnerablities

By Drupal Security Team on 28 Mar 2012 at 15:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-051
Project: Activity (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2012-050 - CDN2 Video - Unsupported

By Drupal Security Team on 28 Mar 2012 at 14:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-050
Project: CDN2 Video (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2012-049 - ShareThis - Multiple Vulnerablies

By Drupal Security Team on 28 Mar 2012 at 13:59 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-049
Project: ShareThis (third-party module)
Version: 7.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2012-048 - Contact Save - Cross Site Scripting

By Drupal Security Team on 28 Mar 2012 at 13:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-048
Project: Contact Save (third-party module)
Version: 6.x
Date: 2012-March-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS