SA-CONTRIB-2014-003 - Doubleclick for Publishers DFP - Cross Site Scripting (XSS)

By Drupal Security Team on
Categories: Drupal 7.x

SA-CONTRIB-2014-002 - Anonymous Posting - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-002
  • Project: Anonymous Posting (third-party module)
  • Version: 7.x
  • Date: 2014-January-15
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 7.x

SA-CONTRIB-2014-001 - Entity API - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-001
  • Project: Entity API (third-party module)
  • Version: 7.x
  • Date: 2014-January-08
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 7.x

SA-CONTRIB-2013-098 - Ubercart - Session Fixation Vulnerability

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-098
  • Project: Ubercart (third-party module)
  • Version: 6.x, 7.x
  • Date: 2013-12-18
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Session Fixation
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2013-097 - OG Features - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-097
  • Project: OG Features (third-party module)
  • Version: 6.x
  • Date: 2013-December-04
  • Security risk: Not Critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-CONTRIB-2013-096 - Entity reference - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-096
  • Project: Entity reference (third-party module)
  • Version: 7.x
  • Date: 2013-November-20
  • Security risk: Not critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 7.x

Pages

Subscribe with RSS Subscribe to RSS - Deprecated - Security advisories for contributed projects