Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2014-081 - Site Banner - Cross Site Scripting (XSS)

By Drupal Security Team on 20 Aug 2014 at 14:08 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-081
Project: Site Banner (third-party module)
Version: 7.x
Date: 2014-Aug-20
Security risk: 12/25 ( Moderately Critical) AC:Complex/A:Admin/CI:Some/II:Some/E:Proof/TD:75
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-080 - Social Stats - Cross Site Scripting (XSS)

By Drupal Security Team on 20 Aug 2014 at 14:02 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-080
Project: Social Stats (third-party module)
Version: 7.x
Date: 2014-August-20
Security risk: 8/25 ( Less Critical) AC:Basic/A:User/CI:None/II:None/E:Theoretical/TD:100
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-079 - RedHen CRM - Cross Site Scripting (XSS)

By Drupal Security Team on 20 Aug 2014 at 13:58 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-079
Project: RedHen CRM (third-party module)
Version: 7.x
Date: 2014-August-20
Security risk: 7/25 ( Less Critical) AC:Basic/A:Admin/CI:None/II:None/E:Theoretical/TD:100
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-078 - Notify - Access bypass

By Drupal Security Team on 13 Aug 2014 at 16:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-078
Project: Notify (third-party module)
Version: 7.x
Date: 2014-August-13
Security risk: 10/25 ( Moderately Critical) AC:Complex/A:User/CI:Some/II:None/E:Proof/TD:75
Vulnerability: Access bypass

SA-CONTRIB-2014-077 - TableField - Cross Site Scripting (XSS)

By Drupal Security Team on 13 Aug 2014 at 13:40 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-077
Project: TableField (third-party module)
Version: 7.x
Date: 2014-August-13
Security risk: 12/25 ( Moderately Critical) AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:25
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-076 - Fasttoggle - Access bypass

By Drupal Security Team on 6 Aug 2014 at 20:16 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-076
Project: Fasttoggle (third-party module)
Version: 7.x
Date: 2014-August-06
Security risk: 11/25 (

Moderately Critical

) AC:Basic/A:None/CI:None/II:None/E:Exploit/TD:25
Vulnerability: Access bypass

Pages

Subscribe with RSS