Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2010-051 - Heartbeat - Cross Site Scripting

By Drupal Security Team on 19 May 2010 at 19:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-051
Project: Heartbeat (third-party module)
Version: 6.x
Date: 2010-May-19
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-050 - CAPTCHA - Cross Site Scripting

By Drupal Security Team on 19 May 2010 at 19:07 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-050
Project: CAPTCHA (third-party module)
Version: 5.x, 6.x
Date: 2010-May-19
Security risk: Not Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-049 - Wordpress Import - Access bypass

By Drupal Security Team on 19 May 2010 at 17:42 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-049
Project: Wordpress Import (third-party module)
Version: 6.x
Date: 2010-May-19
Security risk: Highly Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2010-048: CiviRegister - Cross Site Scripting

By Drupal Security Team on 12 May 2010 at 20:51 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-048
Project: CiviRegister (third-party module)
Version: 5.x, 6.x
Date: 2010-May-12
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-047: Services - Access Bypass

By Drupal Security Team on 12 May 2010 at 19:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-047
Project: Services (third-party module)
Version: 6.x
Date: 2010-May-12
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-046: Award - Cross Site Scripting

By Drupal Security Team on 12 May 2010 at 18:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-046
Project: Award (third-party module)
Version: 5.x, 6.x
Date: 2010-May-12
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS