CVE-2025-9553 API Key manager - Critical - Unsupported - SA-CONTRIB-2025-103

Vulnerability in Drupal API Key manager.This issue affects API Key manager:...

SA-CONTRIB-2009-031 - Ajax Session - Multiple vulnerabilities

The Ajax session module allows users to set PHP session variables using AJAX. The module does not make proper use of the Drupal API, leaving it open to multiple vulnerabilities, including Cross Site Request Forgeries CSRF and Cross Site Scripting XSS. Versions affected Ajax Session 5.x-1.0 Drupal...