SA-CONTRIB-2009-070 - Shibboleth authentication - Impersonation, privilege escalation

  • Advisory ID: DRUPAL-SA-CONTRIB-2009-070
  • Project: Shibboleth authentication (third-party module)
  • Version: 6.x, 5.x
  • Date: 2009-October-14
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Impersonation, privilege escalation

SA-CONTRIB-2009-068 - Boost - Filesystem Directory Creation

  • Advisory ID: DRUPAL-SA-CONTRIB-2009-068
  • Project: Boost (third-party module)
  • Version: 6.x-1.*
  • Date: 2009-09-30
  • Security risk: Low
  • Exploitable from: Remote
  • Vulnerability: Filesystem Directory Creation

SA-CONTRIB-2009-069 - Shared Sign On - Cross Site Scripting

  • Advisory ID: DRUPAL-SA-CONTRIB-2009-069
  • Project: Shared Sign On (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009 September 30
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2009-067 Dex module - Cross Site Scripting, no longer maintained

  • Advisory ID: DRUPAL-SA-CONTRIB-2009-067
  • Project: Dex: Contact Information Manager (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-Sept-30
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-066 - Organic Groups - Cross Site Scripting

  • Advisory ID: DRUPAL-SA-CONTRIB-2009-066
  • Project: Organic Groups (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-September-30
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-065 - Browscap - Cross Site Scripting

  • Advisory ID: DRUPAL-SA-CONTRIB-2009-065
  • Project: Browscap (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-September-30
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS Subscribe to RSS - Deprecated - Security advisories for contributed projects