Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

OSF for Drupal - Critical - Multiple vulnerabilities - SA-CONTRIB-2015-134

By Drupal Security Team on 22 Jul 2015 at 15:46 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-134
Project: OSF for Drupal (third-party module)
Version: 7.x
Date: 2015-July-22
Security risk: 15/25 ( Critical) AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting, Access bypass, Cross Site Request Forgery

Path Breadcrumbs - Less Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-133

By Drupal Security Team on 15 Jul 2015 at 16:30 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-133
Project: Path Breadcrumbs (third-party module)
Version: 7.x
Date: 2015-July-15
Security risk: 7/25 ( Less Critical) AC:Basic/A:Admin/CI:None/II:None/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Administration Views - Critical - Information Disclosure - SA-CONTRIB-2015-132

By Drupal Security Team on 8 Jul 2015 at 17:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-132
Project: Administration Views (third-party module)
Version: 7.x
Date: 2015-July-08
Security risk: 15/25 ( Critical) AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:All
Vulnerability: Information Disclosure

Views Bulk Operations - Moderately critical - Access Bypass - SA-CONTRIB-2015-131

By Drupal Security Team on 1 Jul 2015 at 15:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-131
Project: Views Bulk Operations (VBO) (third-party module)
Version: 6.x, 7.x
Date: 2015-July-01
Security risk: 10/25 ( Moderately Critical) AC:Basic/A:Admin/CI:None/II:All/E:Theoretical/TD:Uncommon
Vulnerability: Access bypass

Migrate - Less critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-130

By Drupal Security Team on 1 Jul 2015 at 15:21 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-130
Project: Migrate (third-party module)
Version: 7.x
Date: 2015-July-01
Security risk: 8/25 ( Less Critical) AC:Basic/A:Admin/CI:None/II:Some/E:Theoretical/TD:Uncommon
Vulnerability: Cross Site Scripting

Shibboleth authentication - Moderately critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-129

By Drupal Security Team on 24 Jun 2015 at 17:02 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-129
Project: Shibboleth authentication (third-party module)
Version: 6.x, 7.x
Date: 2015-June-24
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS