Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2012-173 - Nodewords: Information disclosure

By Drupal Security Team on 5 Dec 2012 at 17:05 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-173
Project: Nodewords: D6 Meta Tags (third-party module)
Version: 6.x
Date: 2012-December-05
Security risk: Not critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2012-172 - Zero Point - Cross Site Scripting (XSS)

By Drupal Security Team on 28 Nov 2012 at 22:08 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-172
Project: Zero Point (third-party module)
Version: 6.x, 7.x
Date: 2012-November-28
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-171 - Webmail Plus - SQL injection - (unsupported)

By Drupal Security Team on 28 Nov 2012 at 20:34 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-171
Project: Webmail Plus (third-party module)
Version: 6.x
Date: 2012-November-28
Security risk: Critical
Exploitable from: Remote
Vulnerability: SQL Injection

SA-CONTRIB-2012-170 - MultiLink - Access Bypass

By Drupal Security Team on 28 Nov 2012 at 20:10 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-170
Project: Multi-Language Link and Redirect (MultiLink) (third-party module)
Version: 6.x, 7.x
Date: 2012-November-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-169 - Email Field - Cross Site Scripting and Access bypass

By Drupal Security Team on 28 Nov 2012 at 19:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-169
Project: Email Field (third-party module)
Version: 6.x
Date: 2012-11-28
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting, Access bypass

SA-CONTRIB-2012-168 - Services - Information Disclosure

By Drupal Security Team on 28 Nov 2012 at 19:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-168
Project: Services (third-party module)
Version: 6.x, 7.x
Date: 2012-11-28
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Information Disclosure

Pages

Subscribe with RSS