Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

Twitter - Moderately Critical - Access bypass - SA-CONTRIB-2015-146

By Drupal Security Team on 9 Sep 2015 at 17:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-146
Project: Twitter (third-party module)
Version: 6.x, 7.x
Date: 2015-September-09
Security risk: 12/25 ( Moderately Critical) AC:Basic/A:User/CI:None/II:Some/E:Exploit/TD:Uncommon
Vulnerability: Access bypass

Fieldable Panels Panes - Less Critical - Access bypass - SA-CONTRIB-2015-145

By Drupal Security Team on 2 Sep 2015 at 17:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-145
Project: Fieldable Panels Panes (FPP) (third-party module)
Version: 7.x
Date: 2015-September-02
Security risk: 8/25 ( Less Critical) AC:Basic/A:Admin/CI:None/II:Some/E:Theoretical/TD:Uncommon
Vulnerability: Access bypass

Mass Contact - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-144

By Drupal Security Team on 2 Sep 2015 at 17:12 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-144
Project: Mass Contact (third-party module)
Version: 6.x, 7.x
Date: 2015-September-02
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Zendesk Feedback Tab - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-143

By Drupal Security Team on 2 Sep 2015 at 15:24 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-143
Project: Zendesk Feedback Tab (third-party module)
Version: 7.x
Date: 2015-September-02
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Spotlight - Moderately Critical - Cross Site Scripting - SA-CONTRIB-2015-142

By Drupal Security Team on 1 Sep 2015 at 20:16 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-142
Project: Spotlight (third-party module)
Version: 7.x
Date: 2015-September-01
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting

Ctools - Critical - Multiple Vulnerabilities - SA-CONTRIB-2015-141

By Drupal Security Team on 19 Aug 2015 at 20:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-141
Project: Chaos tool suite (ctools) (third-party module)
Version: 6.x, 7.x
Date: 2015-August-19
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting, Access bypass, Multiple vulnerabilities

Pages

Subscribe with RSS