Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2014-051 - Realname Registration - Information Disclosure

By Drupal Security Team on 14 May 2014 at 15:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-051
Project: Realname registration (third-party module)
Version: 6.x, 7.x
Date: 2014-05-14
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2014-050 - Commerce Postfinance ePayment - Access Bypass

By Drupal Security Team on 14 May 2014 at 13:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-050
Project: Commerce Postfinance ePayment (third-party module)
Version: 7.x
Date: 2014-May-14
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-049 - Organic Groups (OG) - Access Bypass

By Drupal Security Team on 7 May 2014 at 18:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-049
Project: Organic groups (third-party module)
Version: 7.x
Date: 2014-May-07
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-048 - Field API Pane Editor (FAPE) - Access bypass

By Drupal Security Team on 30 Apr 2014 at 15:24 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-048
Project: Field API Pane Editor (FAPE) (third-party module)
Version: 7.x
Date: 2014-April-30
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-047 - Zen - Cross Site Scripting

By Drupal Security Team on 30 Apr 2014 at 15:14 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-047
Project: Zen (third-party theme)
Version: 7.x
Date: 2014-April-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-046 - Context Form Alteration - Cross Site Scripting (XSS)

By Drupal Security Team on 30 Apr 2014 at 13:52 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-046
Project: Context Form Alteration (third-party module)
Version: 7.x
Date: 2014-April-30
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS