Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

Views Send - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-061

By Drupal Security Team on 9 Nov 2016 at 18:01 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-061
Project: Views Send (third-party module)
Version: 7.x
Date: 2016-November-09
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Workbench Moderation - Moderately Critical - Information Disclosure - SA-CONTRIB-2016-060

By Drupal Security Team on 2 Nov 2016 at 20:40 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-060
Project: Workbench Moderation (third-party module)
Version: 7.x
Date: 2016-November-02
Security risk: 11/25 ( Moderately Critical) AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon
Vulnerability: Information Disclosure

D8 Editor File upload - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-059

By Drupal Security Team on 2 Nov 2016 at 19:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-059
Project: D8 Editor File upload (third-party module)
Version: 8.x
Date: 2016-November-02
Security risk: 12/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Uncommon
Vulnerability:

Bootstrap - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-058

By Drupal Security Team on 2 Nov 2016 at 18:04 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-058
Project: Bootstrap (third-party theme)
Version: 7.x
Date: 2016-November-02
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting

Profile 2 Registration Path - Critical - Cross Site Scripting (XSS) and Access Bypass DRUPAL-SA-CONTRIB-2015-057

By Drupal Security Team on 2 Nov 2016 at 17:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-057
Project: Profile2 Registration Path (third-party module)
Version: 7.x
Date: 2016-November-02
Security risk: 19/25 ( Critical) AC:None/A:None/CI:Some/II:Some/E:Proof/TD:All
Vulnerability: Access bypass

Like/Dislike - Critical - Cross Site Request Forgery - SA-CONTRIB-2016-056

By Drupal Security Team on 2 Nov 2016 at 17:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-056
Project: Like/Dislike (third-party module)
Version: 8.x
Date: 2016-November-02
Security risk: 15/25 ( Moderately Critical) AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Cross Site Request Forgery

Pages

Subscribe with RSS