Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2009-052 - Printer, e-mail and PDF versions - Cross site scripting

By Drupal Security Team on 20 Aug 2009 at 06:29 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-052
Project: Printer, e-mail and PDF versions (Print) (third-party modules)
Version: 5.x, 6.x
Date: 2009-August-19
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-051 - ImageCache - Multiple vulnerabilities

By Drupal Security Team on 19 Aug 2009 at 21:06 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-051
Project: ImageCache (third-party modules)
Version: 5.x, 6.x
Date: 2009-August-19
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2009-050 - Webform report - Cross site scripting

By Drupal Security Team on 5 Aug 2009 at 17:31 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-050
Project: Webform report (third-party module)
Version: All
Date: 2009-Aug-5
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross site scripting

SA-CONTRIB-2009-049 - Live - Privilege escalation, Impersonation

By Drupal Security Team on 29 Jul 2009 at 20:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-049
Project: Live (third-party module)
Version: 6.x
Date: 2009-July-29
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Impersonation, privilege escalation

SA-CONTRIB-2009-048 - Bibliography Module - Cross Site Scripting

By Drupal Security Team on 29 Jul 2009 at 19:32 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-048
Project: Bibliography Module (third-party module)
Version: 5.x, 6.x
Date: 2009-July-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-047 - Calendar - Cross Site Scripting

By Drupal Security Team on 29 Jul 2009 at 16:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-047
Project: Calendar (third-party module)
Version: 6.x
Date: 2009-July-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS