Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2010-027: Email Input Filter - Arbitrary code execution

By Drupal Security Team on 17 Mar 2010 at 20:41 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-027
Project: Email Input Filter (third-party module)
Version: 5.x, 6.x
Date: 2010-March-17
Security risk: Critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

SA-CONTRIB-2010-026 - Monthly Archive by Node Type - Access Bypass

By Drupal Security Team on 10 Mar 2010 at 16:52 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-026
Project: Monthly Archive by Node Type (third-party module)
Version: 6.x (all branches)
Date: 2010-March-10
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-025 - TinyMCE - Cross Site Scripting (XSS)

By greggles on 10 Mar 2010 at 14:20 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-025
Project: TinyMCE (third-party module)
Version: 5.x
Date: 2010-March-09
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-024 - eTracker - Cross Site Scripting

By Drupal Security Team on 3 Mar 2010 at 19:01 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-024
Project: eTracker (third-party module)
Version: 6.x-1.1
Date: 2010-March-03
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-023 - Workflow - Cross Site Scripting

By Drupal Security Team on 3 Mar 2010 at 18:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-023
Project: Workflow (third-party module)
Version: 6.x, 5.x
Date: 2010-March-03
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-022 - Internationalization - Arbitrary code execution

By Drupal Security Team on 3 Mar 2010 at 18:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-022
Project: Internationalization (third-party module)
Version: 6.x-1.x 5.x-2.x
Date: 2010-March-03
Security risk: Highly Critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

Pages

Subscribe with RSS