Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

Node Notify - Critical - Multiple Vulnerabilities - SA-CONTRIB-2016-013

By Drupal Security Team on 2 Mar 2016 at 14:41 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-013
Project: Node Notify (third-party module)
Version: 7.x
Date: 2016-March-02
Security risk: 18/25 ( Critical) AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting, Cross Site Request Forgery

Hubspot CTA - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-012 - Unsupported

By Drupal Security Team on 2 Mar 2016 at 14:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-012
Project: Hubspot CTA (third-party module)
Version: 7.x
Date: 2016-March-02
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Google Analytics Counter - Moderately Critical - CSRF - SA-CONTRIB-2016-011

By Drupal Security Team on 2 Mar 2016 at 14:07 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-011
Project: Google Analytics Counter (third-party module)
Version: 7.x
Date: 2016-March-02
Security risk: 12/25 ( Moderately Critical) AC:None/A:Admin/CI:None/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Request Forgery

USASearch - Moderately Critical - Access Bypass - SA-CONTRIB-2016-010

By Drupal Security Team on 2 Mar 2016 at 14:01 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-010
Project: DigitalGov Search (machine name: USASearch) (third-party module)
Version: 7.x
Date: 2016-March-02
Security risk: 11/25 ( Moderately Critical) AC:Basic/A:Admin/CI:Some/II:None/E:Proof/TD:All
Vulnerability: Access bypass

Prepopulate - Moderately Critical - Multiple Vulnerabilities - SA-CONTRIB-2016-009

By Drupal Security Team on 2 Mar 2016 at 13:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-009
Project: Prepopulate (third-party module)
Version: 7.x
Date: 2016-March-02
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:None/CI:None/II:Some/E:Theoretical/TD:All
Vulnerability: Multiple vulnerabilities

FileField - Denial of Service - SA-CONTRIB-2016-008

By Drupal Security Team on 24 Feb 2016 at 15:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2016-008
Project: FileField (third-party module)
Version: 6.x
Date: 2016-February-24
Security risk: 11/25 ( Moderately Critical) AC:Complex/A:User/CI:None/II:Some/E:Proof/TD:All
Vulnerability: Denial of Service

Pages

Subscribe with RSS