Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2014-015 - FileField - Access Bypass

By Drupal Security Team on 12 Feb 2014 at 16:23 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-015
Project: FileField (third-party module)
Version: 6.x
Date: 2014-02-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-014 - Webform Validation - Cross Site Scripting (XSS)

By Drupal Security Team on 12 Feb 2014 at 16:10 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-014
Project: Webform Validation (third-party module)
Version: 6.x, 7.x
Date: 2014-February-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-013- Chaos tool suite (ctools) - Access Bypass

By Drupal Security Team on 12 Feb 2014 at 15:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-013
Project: Chaos tool suite (ctools) (third-party module)
Version: 6.x, 7.x
Date: 2014-02-12
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2014-012- Modal Frame API - Cross Site Scripting (XSS)

By Drupal Security Team on 5 Feb 2014 at 21:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-012
Project: Modal Frame API (third-party module)
Version: 6.x
Date: 2014-February-05
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2014-011 - Push Notifications - Information Disclosure

By Drupal Security Team on 5 Feb 2014 at 18:45 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-011
Project: Push Notifications (third-party module)
Version: 7.x
Date: 2014-February-05
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2014-010 - Services - Access Bypass and Privilege Escalation

By Drupal Security Team on 5 Feb 2014 at 15:57 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2014-010
Project: Services (third-party module)
Version: 7.x
Date: 2014-February-05
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Access bypass

Pages

Subscribe with RSS