SA-CONTRIB-2013-017 - Yandex.Metrics - Cross site scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-017
  • Project: Yandex.Metrics (third-party module)
  • Version: 6.x, 7.x
  • Date: 2013-February-20
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2013-016 - Banckle Chat - Access bypass - Unsupported

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-016
  • Project: Banckle Chat (third-party module)
  • Version: 7.x
  • Date: 2013-February-13
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 7.x

SA-CONTRIB-2013-015 - Manager Change for Organic Groups - Cross site scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-015
  • Project: Manager Change for Organic Groups (third-party module)
  • Version: 7.x
  • Date: 2013-February-13
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 7.x

SA-CONTRIB-2013-014 - Drush Debian Packaging - Information Disclosure - Unsupported

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-014
  • Project: Drush Debian Packaging (third-party module)
  • Version: 7.x
  • Date: 2013-January-30
  • Security risk: Critical
  • Exploitable from: Local
  • Vulnerability: Information Disclosure
Categories: Drupal 7.x

SA-CONTRIB-2013-013 - Boxes - Cross site scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-013
  • Project: Boxes (third-party module)
  • Version: 7.x
  • Date: 2013-January-30
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 7.x

SA-CONTRIB-2013-012 - Google Authenticator login - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2013-012
  • Project: Google Authenticator login (third-party module)
  • Version: 7.x
  • Date: 2013-January-30
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 7.x

Pages

Subscribe with RSS Subscribe to RSS - Deprecated - Security advisories for contributed projects