Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2010-033 - Taxonomy Filter - Cross Site Scripting (XSS)

By Drupal Security Team on 31 Mar 2010 at 20:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-033
Project: Taxonomy Filter (third-party module)
Version: 6.x
Date: 2010-March-31
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-032 - Taxonomy Breadcrumb - Cross Site Scripting (XSS)

By Drupal Security Team on 31 Mar 2010 at 15:30 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-032
Project: Taxonomy Breadcrumb (third-party module)
Versions: 6.x-1.x, 5.x-1.x
Date: 2010-March-31
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-031 - Menu Block - Cross Site Scripting (XSS)

By Drupal Security Team on 24 Mar 2010 at 23:32 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-031
Project: Menu Block (third-party module)
Versions: 6.x-2.x, 5.x-2.x, 5.x-1.x
Date: 2010-March-24
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-030: Mime Mail - Arbitrary code execution

By Drupal Security Team on 24 Mar 2010 at 18:00 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-030
Project: Mime Mail (third-party module)
Version: 5.x
Date: 2010-March-24
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

SA-CONTRIB-2010-029: Keys - Cross-site Request Forgery

By Drupal Security Team on 17 Mar 2010 at 20:43 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-029
Project: Keys (third-party module)
Version: 6.x
Date: 2010-March-17
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross-site Request Forgery

SA-CONTRIB-2010-028 - Tag Order - Cross Site Scripting

By Drupal Security Team on 17 Mar 2010 at 20:42 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-028
Project: Tag Order (third-party module)
Version: 5.x, 6.x
Date: 2010-March-17
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS