SA-CONTRIB-2013-047 - Google Authenticator login - Access Bypass

By Drupal Security Team on
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2013-046 - Filebrowser - Reflected Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-046
  • Project: Filebrowser (third-party module)
  • Version: 6.x
  • Date: 2013-May-1
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2013-045 - Autocomplete Widgets for Text and Number Fields (autocomplete_widgets) - Access bypass

By Drupal Security Team on
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2013-044 - elFinder file manager - Cross Site Request Forgery (CSRF)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-044
  • Project: elFinder file manager (third-party module)
  • Version: 6.x, 7.x
  • Date: 2013-April-17
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Request Forgery
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2013-043 - MP3 Player - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-043
  • Project: MP3 Player (third-party module)
  • Version: 6.x
  • Date: 2013-April-17
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2013-042 - RESTful Web Services (RESTWS) - Denial of Service

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-042
  • Project: RESTful Web Services (third-party module)
  • Version: 7.x
  • Date: 2013-April-10
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Denial of Service
Categories: Drupal 7.x

Pages

Subscribe with RSS Subscribe to RSS - Deprecated - Security advisories for contributed projects