Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2011-058 - Support Timer - Cross Site Scripting (XSS)

By Drupal Security Team on 30 Nov 2011 at 20:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-058
Project: Support Timer (third-party module)
Version: 6.x
Date: 2011-November-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-057 - Support Ticketing System - Cross Site Scripting (XSS)

By Drupal Security Team on 30 Nov 2011 at 20:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-057
Project: Support Ticketing System (third-party module)
Version: 6.x
Date: 2011-November-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-056 - Webform Validation Cross Site Scripting

By Drupal Security Team on 30 Nov 2011 at 20:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-056
Project: Webform Validation (third-party module)
Version: 6.x, 7.x
Date: 2011-November-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-055 - Webform CiviCRM Integration - Multiple vulnerabilities

By Drupal Security Team on 9 Nov 2011 at 22:16 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-055
Project: Webform CiviCRM Integration (third-party module)
Version: 6.x, 7.x
Date: 2011-November-09
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass, SQL Injection

SA-CONTRIB-2011-054 - CKEditor - Access bypass

By Drupal Security Team on 9 Nov 2011 at 21:33 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-054
Project: CKEditor - WYSIWYG HTML editor (third-party module)
Version: 7.x
Date: 2011-November-09
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2011-053 - Quiz - Cross Site Scripting

By Drupal Security Team on 9 Nov 2011 at 20:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-053
Project: Quiz (third-party module)
Version: 6.x
Date: 2011-November-09
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS