Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2010-021 - AddThis Button - Cross Site Scripting

By Drupal Security Team on 3 Mar 2010 at 17:36 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-021
Project: AddThis Button (third-party module)
Version: 6.x, 5.x
Date: 2010-March-03
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-020 - Facebook-style Statuses (Microblog) - Access bypass

By Drupal Security Team on 24 Feb 2010 at 22:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-020
Project: Facebook-style Statuses (Microblog) (third-party module)
Version: 6.x-2.x
Date: 2010-February-24
Security risk: Not Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2010-019 - Weekly Archive by Node Type - Access Bypass

By Drupal Security Team on 24 Feb 2010 at 16:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-019
Project: Weekly Archive by Node Type (third-party module)
Version: 6.x-2.x
Date: 2010-February-24
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-018 - Content Distribution - Multiple Vulnerabilities

By Drupal Security Team on 17 Feb 2010 at 22:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-018
Project: Content Distribution (third-party module)
Version: 6.x
Date: 2010 February 17
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Mulitple Vulnerabilities

SA-CONTRIB-2010-017 - iTweak Upload - Cross Site Scripting

By Drupal Security Team on 17 Feb 2010 at 18:19 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-017
Project: iTweak Upload (third-party module)
Version: 6.x
Date: 2010 February 17
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-016 - Graphviz Filter - arbitrary code execution

By Drupal Security Team on 10 Feb 2010 at 23:11 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-016
Project: Graphviz Filter (third-party module)
Version: 6.x, 5.x
Date: 2010 February 10
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

Pages

Subscribe with RSS