Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2014-118 - Administer Users by Role - Access Bypass - Unsupported

By Drupal Security Team on 10 Dec 2014 at 15:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-118
Project: Administer Users by Role (third-party module)
Version: 6.x
Date: 2014-December-10
Security risk: 11/25 ( Moderately Critical) AC:Complex/A:Admin/CI:None/II:All/E:Proof/TD:Default
Vulnerability: Access bypass

SA-CONTRIB-2014-117 - Hierarchical Select - Cross Site Scripting (XSS)

By Drupal Security Team on 3 Dec 2014 at 18:30 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-117
Project: Hierarchical Select (third-party module)
Version: 6.x
Date: 2014-December-03
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:All/E:Theoretical/TD:Uncommon
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-116 - Webform Invitation - Cross Site Scripting (XSS)

By Drupal Security Team on 3 Dec 2014 at 14:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-116
Project: Webform Invitation (third-party module)
Version: 7.x
Date: 2014-December-03
Security risk: 8/25 ( Less Critical) AC:Basic/A:User/CI:None/II:None/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-115 - Form Builder - Cross-Site Scripting (XSS)

By Drupal Security Team on 19 Nov 2014 at 20:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-115
Project: Form Builder (third-party module)
Version: 6.x, 7.x
Date: 2014-November-19
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-114 - Tournament - Cross Site Scripting

By Drupal Security Team on 19 Nov 2014 at 20:11 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-114
Project: Tournament (third-party module)
Version: 7.x
Date: 2014-November-19
Security risk: 8/25 ( Less Critical) AC:Basic/A:User/CI:None/II:None/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-113 - Secure Password Hashes - Denial of Service

By Drupal Security Team on 19 Nov 2014 at 19:54 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-113
Project: Secure Password Hashes (third-party module)
Version: 6.x
Date: 2014-11-19
Security risk: 11/25 ( Moderately Critical) AC:Basic/A:None/CI:None/II:None/E:Proof/TD:All
Vulnerability: Denial of Service

Pages

Subscribe with RSS