Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2015-002 - Course - Cross Site Scripting (XSS)

By Drupal Security Team on 7 Jan 2015 at 15:59 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-002
Project: Course (third-party module)
Version: 6.x, 7.x
Date: 2015-January-07
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2015-001 - OPAC - Cross Site Request Forgery (CSRF)

By Drupal Security Team on 7 Jan 2015 at 15:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2015-001
Project: OPAC (third-party module)
Version: 7.x
Date: 2015-January-07
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:None/CI:None/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2014-128 - Organic Groups Menu - Access bypass

By Drupal Security Team on 17 Dec 2014 at 19:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-128
Project: OG Menu (third-party module)
Version: 6.x, 7.x
Date: 2014-December-17
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Access bypass, Information Disclosure

SA-CONTRIB-2014-127 - School Administration - Cross Site Scripting (XSS)

By Drupal Security Team on 17 Dec 2014 at 18:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-127
Project: School Administration (third-party module)
Version: 7.x
Date: 2014-December-17
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-126 - Open Atrium - Multiple vulnerabilities

By Drupal Security Team on 17 Dec 2014 at 18:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-126
Project: Open Atrium (third-party module)
Version: 7.x
Date: 2014-December-17
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Access bypass, Cross Site Request Forgery, Multiple vulnerabilities

SA-CONTRIB-2014-125 - Organic Groups Menu - Access bypass

By Drupal Security Team on 10 Dec 2014 at 20:08 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-125
Project: OG Menu (third-party module)
Version: 6.x, 7.x
Date: 2014-December-10
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Access bypass, Information Disclosure

Pages

Subscribe with RSS