Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2010-111 - Views - Cross Site Scripting

By Drupal Security Team on 15 Dec 2010 at 20:46 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-111
Project: Views (third-party module)
Version: 6.x
Date: 2010-December-15
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2010-110 - Drupal For Firebug - Cross-site Request Forgery

By Drupal Security Team on 15 Dec 2010 at 19:08 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-110
Project: Drupal For Firebug (third-party module)
Version: 5.x, 6.x
Date: 2010-Dec-15
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross-site Request Forgery

SA-CONTRIB-2010-109 - Embedded Media Field, Media: Video Flotsam, Media: Audio Flotsam - Multiple Vulnerabilities

By Drupal Security Team on 8 Dec 2010 at 22:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-109
Projects: Embedded Media Field, Media: Video Flotsam, Media: Audio Flotsam (third-party module)
Version: 5.x and 6.x
Date: 2010-December-08
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2010-108 - Who Bought What|Ubercart - Multiple Vulnerabilities

By Drupal Security Team on 8 Dec 2010 at 21:25 UTC

DRUPAL-SA-CONTRIB-2010-108
Project: Who Bought What|Ubercart (third-party module)
Version: 6.x
Date: 2010-Dec-08
Security risk: Highly Critical
Exploitable from: Remote
Vulnerability: Multiple Vulnerabilities

SA-CONTRIB-2010-107 - Services - Access bypass

By Drupal Security Team on 2 Dec 2010 at 02:20 UTC

DRUPAL-SA-CONTRIB-2010-107
Project: Services (third-party module)
Version: 6.x
Date: 2010-Dec-01
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-106 - Comment Edited - Cross Site Scripting

By Drupal Security Team on 1 Dec 2010 at 19:40 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-106
Project: Comment Edited (third-party module)
Version: 6.x
Date: 2010-Dec-01
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS