Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2009-088 - Workflow Multiple Cross Site Scripting Vulnerabilities

By greggles on 28 Oct 2009 at 22:02 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-088
Project: Workflow (third-party module)
Version: 6.x, 5.x
Date: 2009-October-28
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-087 - FAQ Ask - Multiple Vulnerabilities

By greggles on 28 Oct 2009 at 21:49 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-087
Project: FAQ Ask (third-party module)
Version: 6.x
Date: 2009 October 28
Security risk: Critical
Exploitable from: Remote
Vulnerability: Multiple Vulnerabilities (XSS, CSRF, Open Redirect)

SA-CONTRIB-2009-086 - OpenSocial Shindig-Integrator - Cross Site Scripting

By Drupal Security Team on 28 Oct 2009 at 21:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-086
Project: OpenSocial Shindig-Integrator (third-party module)
Version: 6.x, 5.x
Date: 2009-October-86
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-085 - Insert Node - Cross Site Scripting

By Drupal Security Team on 28 Oct 2009 at 21:06 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-085
Project: Insert Node (third-party module)
Version: 5.x
Date: 2009-October-28
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-084 - LDAP Integration - Multiple Vulnerabilities

By Drupal Security Team on 28 Oct 2009 at 20:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-084
Project: LDAP Integration (third-party module)
Version: 6.x, 5.x
Date: 2009-October-28
Security risk: Critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2009-083 - CCK Comment Reference - Access Bypass

By Drupal Security Team on 28 Oct 2009 at 20:53 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-083
Project: CCK Comment Reference (third-party module)
Version: 6.x
Date: 2009-October-28
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Access Bypass

Pages

Subscribe with RSS