Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2014-069 - Logintoboggan - Access Bypass and Cross Site Scripting (XSS)

By Drupal Security Team on 9 Jul 2014 at 17:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-069
Project: LoginToboggan (third-party module)
Version: 7.x
Date: 2014-July-09
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Access bypass

SA-CONTRIB-2014-068 - Pane - XSS

By Drupal Security Team on 2 Jul 2014 at 20:09 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-068
Project: Pane (third-party module)
Version: 7.x
Date: 2014-July-02
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-067 - Meta Tags Quick - Multiple vulnerabilities

By Drupal Security Team on 2 Jul 2014 at 13:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-067
Project: Meta tags quick (third-party module)
Version: 7.x
Date: 2014-July-02
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Open Redirect

SA-CONTRIB-2014-066 - Node Access Keys - Access Bypass

By Drupal Security Team on 2 Jul 2014 at 13:32 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-066
Project: Node Access Keys (third-party module)
Version: 7.x
Date: 2014-July-02
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-065 - Custom Meta - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Jun 2014 at 14:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-065
Project: Custom Meta (third-party module)
Version: 6.x, 7.x
Date: 2014-June-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-064 -Course - Access bypass

By Drupal Security Team on 18 Jun 2014 at 14:04 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-064
Project: Course (third-party module)
Version: 6.x, 7.x
Date: 2014-June-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

Pages

Subscribe with RSS