Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2015-050 - Services Basic Authentication - Access bypass

By Drupal Security Team on 18 Feb 2015 at 16:05 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-050
Project: Services Basic Authentication (third-party module)
Version: 7.x
Date: 2015-February-18
Security risk: 15/25 ( Critical) AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:All
Vulnerability: Access bypass

SA-CONTRIB-2015-049 - Navigate - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Feb 2015 at 15:24 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-049
Project: Navigate (third-party module)
Version: 6.x, 7.x
Date: 2015-February-18
Security risk: 16/25 ( Critical) AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2015-048 - Avatar Uploader - Arbitrary PHP code execution

By Drupal Security Team on 18 Feb 2015 at 15:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-048
Project: Avatar Uploader (third-party module)
Version: 6.x, 7.x
Date: 2015-February-18
Security risk: 16/25 ( Critical) AC:None/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Arbitrary PHP code execution

SA-CONTRIB-2015-047 - Panopoly Magic - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Feb 2015 at 15:08 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-047
Project: Panopoly Magic (third-party module)
Version: 7.x
Date: 2015-February-18
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Cross Site Scripting

SA-CONTRIB-2015-046 - Taxonomy Tools - Cross Site Scripting (XSS)

By Drupal Security Team on 11 Feb 2015 at 19:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-046
Project: Taxonomy Tools (third-party module)
Version: 7.x
Date: 2015-February-11
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2015-045 - Node Access Product - Cross Site Scripting (XSS) - Unsupported

By Drupal Security Team on 11 Feb 2015 at 19:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-045
Project: Node access product (third-party module)
Version: 6.x, 7.x
Date: 2015-February-11
Security risk: 11/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:None/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS