Home » Newsletters

Security advisories for contributed projects

Security advisories for third-party projects that are not part of Drupal core - this includes all module, themes, and install profiles that have been contributed by a community member. These posts by the Drupal security team are also sent to the security announcements e-mail list.

SA-CONTRIB-2009-040 - Advanced Forum - Multiple vulnerabilities

Drupal Security Team - July 1, 2009 - 20:58
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-040
  • Project: Advanced Forum (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-July-1
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
» Read more

SA-CONTRIB-2009-039 - Links Package - Cross Site Scripting

· ·
Drupal Security Team - June 25, 2009 - 15:46
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-039
  • Project: Links Package (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-June-25
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
» Read more

SA-CONTRIB-2009-038 - Nodequeue - Multiple vulnerabilities

·
Drupal Security Team - June 10, 2009 - 22:15
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-038
  • Project: Nodequeue (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-June-10
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
» Read more

SA-CONTRIB-2009-037 - Views - Multiple vulnerabilities

·
Drupal Security Team - June 10, 2009 - 21:59
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-037
  • Project: Views
  • Versions: 6.x-2.x
  • Date: 2009-June-10
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting (XSS), Access Bypass
» Read more

SA-CONTRIB-2009-036 - Services - Impersonation

·
Drupal Security Team - June 10, 2009 - 21:07
  • Advisory ID: SA-CONTRIB-2009-036
  • Project: Services (third-party module)
  • Version: 6.x
  • Date: 2009 June 10
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Impersonation
» Read more

SA-CONTRIB-2009-035 - Booktree - Cross site scripting

· ·
Drupal Security Team - June 10, 2009 - 18:07
  • Advisory ID: DRUPAL-SA-CONTRIB-2009-035
  • Project: Booktree (third-party module)
  • Version: 5.x, 6.x
  • Date: 2009-June-10
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
» Read more
Syndicate content
 
 

Drupal is a registered trademark of Dries Buytaert.