Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2009-016 - Wikitools - Cross site scripting

By Drupal Security Team on 25 Mar 2009 at 19:02 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-016
Project: Wikitools (third-party module)
Version: 5.x, 6.x
Date: 2009-March-25
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross-site scripting

SA-CONTRIB-2009-015 - Tokenauth - Access bypass

By Drupal Security Team on 25 Mar 2009 at 18:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-015
Project: Token authentication (third-party module)
Version: 6.x
Date: 2009-March-25
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2009-014 - CCK Field Privacy - Access Bypass

By Drupal Security Team on 21 Mar 2009 at 22:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-014
Project: CCK Field Privacy
Version: 6.x
Date: 2009-March-23
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2009-013 CCK - Cross site scripting

By Drupal Security Team on 18 Mar 2009 at 20:58 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-013
Project: Content Construction Kit (third-party module)
Version: 6.x
Date: 2009 March 18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross-site scripting (XSS)

SA-CONTRIB-2009-012 - Printer, e-mail and PDF versions - Unrestricted e-mailing (spam)

By Drupal Security Team on 18 Mar 2009 at 20:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-012
Project: Printer, e-mail and PDF versions (third-party module)
Versions: 5.x, 6.x
Date: 2009 March 18
Security risk: Highly Critical
Exploitable from: Remote
Vulnerability: Unrestricted e-mailing (spam)

SA-CONTRIB-2009-011 Tasklist - SQL injection and Cross site scripting

By Drupal Security Team on 18 Mar 2009 at 18:00 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2009-011
Project: Tasklist (third-party module)
Version: 5.x
Date: 2009 March 18
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: SQL injection and Cross-site scripting (XSS)

Pages

Subscribe with RSS