Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2014-057 - Password policy - General logic error

By Drupal Security Team on 21 May 2014 at 15:15 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-057
Project: Password policy (third-party module)
Version: 7.x
Date: 2014-May-21
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: General logic error

SA-CONTRIB-2014-056 - Commerce Moneris - Information Disclosure

By Drupal Security Team on 21 May 2014 at 15:07 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-056
Project: Commerce Moneris (third-party module)
Version: 7.x
Date: 2014-May-21
Security risk: Critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2014-055 - Require Login - Access bypass

By Drupal Security Team on 21 May 2014 at 15:07 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-055
Project: Require Login (third-party module)
Version: 7.x
Date: 2014-May-21
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-054 - Views - Access Bypass

By Drupal Security Team on 21 May 2014 at 14:38 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-054
Project: Views (third-party module)
Version: 7.x
Date: 2014-May-21
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-053 - Field API Tab Editor (FATE) - Access bypass

By Drupal Security Team on 14 May 2014 at 16:44 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-053
Project: Field API Tab Editor (third-party module)
Version: 7.x
Date: 2014-May-14
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-052 - AddressField Tokens - Cross Site Scripting (XSS)

By Drupal Security Team on 14 May 2014 at 15:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-052
Project: Addressfield Tokens (third-party module)
Version: 7.x
Date: 2014-May-14
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS