Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2011-010 - Messaging - Cross Site Scripting

By Drupal Security Team on 16 Feb 2011 at 23:41 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-010
Project: Messaging (third-party module)
Version: 6.x
Date: 2011-February-16
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-009 - Droptor - SQL Injection

By Drupal Security Team on 2 Feb 2011 at 21:21 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-009
Project: Droptor (third-party module)
Version: 6.x
Date: 2011-February-02
Security risk: Critical
Exploitable from: Remote
Vulnerability: SQL Injection

SA-CONTRIB-2011-008 - Chatroom - Cross Site Scripting (XSS) and Cross Site Request Forgery

By Drupal Security Team on 2 Feb 2011 at 19:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-008
Project: Chatroom (third-party module)
Version: 6.x
Date: 2011-February-02
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting and Cross Site Request Forgery

SA-CONTRIB-2011-007 - Userpoints Cross Site Scripting

By Drupal Security Team on 2 Feb 2011 at 19:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-007
Project: Userpoints (third-party module)
Version: 6.x
Date: 2011-February-02
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-006 - Flag Page - Cross Site Scripting (XSS)

By Drupal Security Team on 2 Feb 2011 at 19:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-006
Project: Flag page (third-party module)
Version: 6.x
Date: 2011-February-02
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2011-005 - AES encryption - Information disclosure

By Drupal Security Team on 2 Feb 2011 at 18:53 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2011-005
Project: AES (third-party module)
Version: 7.x
Date: 2011-February-02
Security risk: Critical
Exploitable from: Remote
Vulnerability: Information Disclosure

Pages

Subscribe with RSS