Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2012-011 - Panels - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Jan 2012 at 19:56 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-011
Project: Panels (third-party module)
Version: 6.x
Date: 2012-January-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-010 - stickynote - Multiple vulnerabilities

By Drupal Security Team on 18 Jan 2012 at 19:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-010
Project: stickynote (third-party module)
Version: 7.x
Date: 2012-January-17
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2012-009 - Revisioning - Access bypass

By Drupal Security Team on 18 Jan 2012 at 17:13 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-009
Project: Revisioning (third-party module)
Version: 7.x
Date: 2012-January-18
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-008 - Video Filter - Cross Site Scripting

By Drupal Security Team on 11 Jan 2012 at 20:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-008
Project: Video Filter (third-party module)
Version: 6.x, 7.x
Date: 2012-JANUARY-11
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-007 - Password Policy - Multiple vulnerabilities

By Drupal Security Team on 11 Jan 2012 at 17:53 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-007
Project: Password policy (third-party module)
Version: 6.x
Date: 2012-January-11
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

SA-CONTRIB-2012-006 XSS and CSRF in Multiple Modules - Supercron, Taxotouch, Admin:hover, Taxonomy Navigator no longer supported

By Drupal Security Team on 11 Jan 2012 at 17:19 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-006
Projects: SuperCron, Taxotouch, Taxonomy Navigator, Admin:hover (third-party modules)
Version: 6.x, 7.x
Date: 2012-January-11
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

Pages

Subscribe with RSS