Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2009-046 - Date - Cross Site Scripting

By Drupal Security Team on 29 Jul 2009 at 16:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-046
Project: Date (third-party module)
Version: 6.x
Date: 2009-July-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-045: Moderation - Cross Site Request Forgery

By Drupal Security Team on 22 Jul 2009 at 20:20 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-045
Project: Moderation (third-party module)
Version: 5.x, 6.x
Date: 2009-07-22
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross-site Request Forgery

SA-CONTRIB-2009-044 - Bubbletimer - Multiple vulnerabilities

By john morahan on 22 Jul 2009 at 12:36 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-044
Project: Bubbletimer (third-party module)
Version: 6.x
Date: 2009-July-22
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2009-043 - Image Assist - Multiple vulnerabilities

By Drupal Security Team on 15 Jul 2009 at 22:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-043
Project: Image Assist (third-party module)
Version: 5.x, 6.x
Date: 2009-07-15
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross site scripting, Information disclosure

SA-CONTRIB-2009-042 - Submitted By - Cross Site Scripting

By Drupal Security Team on 15 Jul 2009 at 19:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-042
Project: Submitted By (third-party module)
Version: 6.x
Date: 2009-July-15
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2009-041 - Nodequeue - Access bypass

By Drupal Security Team on 8 Jul 2009 at 16:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-041
Project: Nodequeue (third-party module)
Version: 5.x, 6.x
Date: 2009-July-08
Security risk: Not critical
Exploitable from: Remote
Vulnerability: Access bypass

Pages

Subscribe with RSS