EUVD-2015-8628

Malware in sbrugna...

CVE-2015-8754

The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors...

Mollom - Critical - Unsupported - SA-CONTRIB-2018-038

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466. The security team marks all unsupported projects critical...

Drupal Mollom Module Security Bypass Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Mollom is one of the intelligent content review third-party service modules. A security vulnerability exists in the Drupal Mollom module version 6.x-2.15 prior to version 6.x-2.7. A...

CVE-2015-8754

The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors...

Design/Logic Flaw

The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors...

CVE-2015-8754

The vulnerability CVE-2015-8754 affects the Drupal Mollom module in versions 6.x-2.7 through 6.x-2.14, where insufficient access checks allow remote attackers to bypass access restrictions and modify the site-wide mollom blacklist. The issue arises when handling blacklist entries, enabling unauth...

CVE-2015-8754

The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors...

Mollom - Critical - Access bypass - SA-CONTRIB-2015-168

The Mollom module allows users to protect their website from spam. As part of the spam protection, Mollom enables the website administrator to create a blacklist. When content is submitted that matches terms on the black list it will be automatically marked as spam and rejected per the site...

Drupal Mollom Module Cross-Site Scripting Patch

Drupal today released an update that patches a cross-site scripting vulnerability in a popular spam and content moderation module used by websites built on the open source CMS. The vulnerability was in a feature of the Mollom module that is installed on at least 60,000 sites, said Drupal security...

SA-CONTRIB-2014-088 - Mollom - Cross-site scripting (XSS)

Mollom is an "intelligent" content moderation web service which determines if a post is potentially spam; not only based on the posted content, but also on the past activity and reputation of the poster across multiple sites. Mollom offers a feature to report submitted content as inappropriate...

SA-CONTRIB-2010-091 - Mollom - Information Disclosure

The Mollom module provides a combination of CAPTCHA challenges with text analysis to intelligently block spam. In some configurations, sensitive user data e.g., a user's plain-text password might be logged through calls to Drupal's watchdog API. This vulnerability is mitigated by the fact that th...