Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2015-080 - Profile2 Privacy - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Mar 2015 at 19:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-080
Project: Profile2 Privacy (third-party module)
Version: 7.x
Date: 2015-March-18
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2015-079 - Chaos tool suite (ctools) - Multiple vulnerabilities

By Drupal Security Team on 18 Mar 2015 at 16:51 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-079
Project: Chaos tool suite (ctools) (third-party module)
Version: 6.x, 7.x
Date: 2015-March-18
Security risk: 13/25 (Moderately Critical) AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:All
Vulnerability: Access bypass, Open Redirect

SA-CONTRIB-2015-078 - Webform - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Mar 2015 at 16:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-078
Project: Webform (third-party module)
Version: 6.x, 7.x
Date: 2015-March-18
Security risk: 11/25 ( Moderately Critical) AC:Complex/A:Admin/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting

SA-CONTRIB-2015-077 - OG tabs - Cross Site Scripting (XSS)

By Drupal Security Team on 11 Mar 2015 at 17:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-077
Project: OG tabs (third-party module)
Version: 7.x
Date: 2015-March-11
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2015-076 - Image Title - Cross Site Scripting (XSS)

By Drupal Security Team on 11 Mar 2015 at 16:53 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-076
Project: Image Title (third-party module)
Version: 7.x
Date: 2015-March-11
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2015-075 - Perfecto - Open Redirect

By Drupal Security Team on 11 Mar 2015 at 16:51 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-075
Project: Perfecto (third-party module)
Version: 7.x
Date: 2015-March-11
Security risk: 10/25 ( Moderately Critical) AC:Basic/A:None/CI:None/II:None/E:Theoretical/TD:All
Vulnerability: Open Redirect

Pages

Subscribe with RSS