Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2014-105 - OG Menu - Access Bypass

By Drupal Security Team on 29 Oct 2014 at 16:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-105
Project: OG Menu (third-party module)
Version: 7.x
Date: 2014-October-29
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Access bypass, Information Disclosure

SA-CONTRIB-2014-104 - Addressfield Tokens - Cross Site Scripting

By Drupal Security Team on 29 Oct 2014 at 16:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-104
Project: Addressfield Tokens (third-party module)
Version: 7.x
Date: 2014-October-29
Security risk: 14/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-103 - Passwordless - Cross Site Scripting (XSS)

By Drupal Security Team on 29 Oct 2014 at 16:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-103
Project: Passwordless (third-party module)
Version: 7.x
Date: 2014-October-29
Security risk: 13/25 ( Moderately Critical) AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-102 - Document - Cross Site Scripting

By Drupal Security Team on 22 Oct 2014 at 15:15 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-102
Project: Document (third-party module)
Version: 6.x, 7.x
Date: 2014-October-08
Security risk: 8/25 ( Less Critical) AC:Basic/A:User/CI:None/II:None/E:Theoretical/TD:All
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-101 - Ubercart - Cross Site Request Forgery

By Drupal Security Team on 22 Oct 2014 at 15:13 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-101
Project: Ubercart (third-party module)
Version: 6.x, 7.x
Date: 2014-October-22
Security risk: 13/25 ( Moderately Critical) AC:None/A:Admin/CI:None/II:Some/E:Proof/TD:All
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2014-100 - Bad Behavior - Information Disclosure

By Drupal Security Team on 22 Oct 2014 at 15:11 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-100
Project: Bad Behavior (third-party module)
Version: 6.x, 7.x
Date: 2014-October-22
Security risk: 15/25 ( Critical) AC:Basic/A:Admin/CI:Some/II:All/E:Theoretical/TD:All
Vulnerability: Information Disclosure

Pages

Subscribe with RSS