Security announcements
SA-2008-029 - E-Publish - Cross site scripting and Cross site request forgeries
Heine - April 23, 2008 - 20:34
- Advisory ID: DRUPAL-SA-2008-029
- Project: E-Publish (third-party module)
- Versions: 5.x and 6.x
- Date: 2008-April-23
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting and Cross site request forgeries
SA-2008-028 - Internationalization and Localizer - Cross site scripting
Heine - April 23, 2008 - 18:16
- Advisory ID: DRUPAL-SA-2008-028
- Project: Internationalization and Localizer (third-party modules)
- Versions: 5.x and 6.x
- Date: 2008-April-23
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
SA-2008-027 - Ubercart - Cross site scripting
Heine - April 23, 2008 - 18:16
- Advisory ID: DRUPAL-SA-2008-027
- Project: Ubercart (third-party module)
- Version: 5.x
- Date: 2008-April-23
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
SA-2008-026 - Drupal core - Access bypass
Heine - April 9, 2008 - 20:25
- Advisory ID: DRUPAL-SA-2008-026
- Project: Drupal core
- Version: 6.x
- Date: 2008-April-09
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Access bypass
SA-2008-025 - Simple access - Access bypass
dww - April 9, 2008 - 17:42
- Advisory ID: DRUPAL-SA-2008-025
- Project: Simple access (third-party module)
- Version: 5.x-1.*
- Date: 2008-April-09
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Access bypass
SA-2008-024 - Webform - Cross site scripting
Heine - April 3, 2008 - 03:57
- Advisory ID: DRUPAL-SA-2008-024
- Project: Webform (third-party module)
- Version: 5.x, 6.x
- Date: 2008-April-03
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
