SA-CONTRIB-2012-165 - Chaos tool suite (ctools) - Cross Site Scripting (XSS)
The Chaos tool suite is primarily a set of APIs and tools to improve the developer experience. The page manager node view task does not sufficiently escape node titles when setting the page title, allowing XSS. This vulnerability is partially mitigated by the node task being disabled by default an...
SA-CONTRIB-2012-143 PRH Search - Cross Site Scripting (XSS)
PRH Search provides an interface to search for information on Finnish associations using the PRH (Patentti- ja Rekisterihallitus) database. The module fails to sanitize data retrieved from an untrusted third-party source, thereby exposing an arbitrary script injection (XSS) vulnerability...
SA-CONTRIB-2012-138 - Exposed Filter Data - Cross Site Scripting (XSS)
The Exposed Filter Data module facilitates displaying data posted to Views via an exposed filter. The module does not properly sanitize user-supplied data prior to output, leading to a Cross-Site Scripting (XSS) vulnerability. CVE: Requested. Versions affected: Exposed Filter Data 6.x-1.x versions prior to...
SA-CONTRIB-2012-130 - Jstool - Multiple Vulnerabilities
JavaScript Tool (Jstool) enables administrators to edit any JavaScript file online from an admin panel. The module does not protect its menu paths, which expose sensitive information about all JavaScript files on the site and their contents. The module also does not validate filenames, which can lead to...
SA-CONTRIB-2012-124 - Mime Mail - Access Bypass
The MIME Mail module allows users to send MIME-encoded e-mail messages with embedded images and attachments. The module doesn't perform proper access checks, allowing a user to send arbitrary files, e.g. settings.php, as attachments. In the latest version users must have the "send arbitrary...
SA-CONTRIB-2012-122 - Better Revisions - Cross Site Scripting (XSS)
The Better Revisions module changes the built-in revision log text area to a customizable select list with an optional description field. It also allows an administrator to make the list and/or description field required. The module doesn't sufficiently validate strings entered in the...
SA-CONTRIB-2012-116 - Subuser - Cross Site Request Forgery (CSRF) and Access Bypass
The Subuser module allows users to be given the permission to create subusers. The subusers may then be automatically assigned a role or roles. The parent user then has the ability to manage the subusers they have created. A parent user is allowed to assume the role of a subuser they created swit...
SA-CONTRIB-2012-118 - Secure Login - Open Redirect
Secure Login module enables the user login and other forms to be submitted securely via HTTPS, thus preventing passwords and other private user data from being transmitted in clear text. In addition, Secure Login module by default redirects non-HTTPS GET requests for pages containing forms that i...
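The Secure Login summary above is cut off before it says which value the redirect trusted, so the following is a general illustration of the open-redirect pattern and its fix, written for Drupal 7. It is an added example, not the Secure Login module's code; the example_ function names are invented. The point it makes beyond the summary: url_is_external() alone is not enough, because a protocol-relative target such as //attacker.example passes it yet sends the browser to another host.

```php
<?php
// Added illustration for Drupal 7; example_* names are invented, not Secure Login's code.

// TRUE only for a target that stays on this site. url_is_external() rejects
// "http://attacker.example" and "javascript:..." but treats "//attacker.example" as
// internal; browsers resolve such a protocol-relative URL to the other host, so the
// extra checks reject a leading slash/backslash pair and any explicit "scheme:" prefix.
function example_is_local_path($path) {
  $path = trim($path);
  if ($path === '' || url_is_external($path)) {
    return FALSE;
  }
  if (preg_match('@^[/\\\\]{2}@', $path)) {          // "//host" or "/\host"
    return FALSE;
  }
  if (preg_match('@^[a-z][a-z0-9+.-]*:@i', $path)) { // "data:", "javascript:", "https:" ...
    return FALSE;
  }
  return TRUE;
}

// Vulnerable: redirect to the HTTPS form of whatever the client supplied. A crafted link
// carrying http://attacker.example/login is forwarded to https://attacker.example/login,
// and the victim sees the redirect come from the trusted site.
function example_redirect_to_https_vulnerable($requested) {
  $url = preg_replace('/^http:/', 'https:', $requested);
  header('Location: ' . $url, TRUE, 302);
  drupal_exit($url);
}

// Fixed: only a local path is accepted; anything else falls back to the front page, and the
// absolute URL is assembled from the site's own base URL rather than from client input.
function example_redirect_to_https_fixed($path) {
  if (!example_is_local_path($path)) {
    $path = '<front>';
  }
  $url = url($path, array('absolute' => TRUE));
  $url = preg_replace('/^http:/', 'https:', $url);
  header('Location: ' . $url, TRUE, 302);
  drupal_exit($url);
}
```

The Location header is emitted directly rather than through drupal_goto() so that the example's check is the only thing deciding the target; in real module code the same example_is_local_path() test should also be applied to any ?destination= parameter before it reaches a redirect.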
SA-CONTRIB-2012-107 - Search autocomplete - Access bypass
This module allows you to add autocomplete functionality to virtually any field of a Drupal site. The module doesn't sufficiently protect access to its admin page. This vulnerability is mitigated by the fact that the user can only access the page, disable an autocompletion or change...
SA-CONTRIB-2012-075 - Take Control - Cross Site Request Forgery (CSRF)
CVE: CVE-2012-2341. This module enables you to manage your Drupal file system from within Drupal itself. The module does not sufficiently validate Ajax calls, leading to the possibility of a Cross Site Request Forgery (CSRF) attack. This vulnerability is mitigated by the fact that the attacker must be ab...
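Both the Subuser entry (SA-CONTRIB-2012-116) and the Take Control entry above are the same CSRF shape: a state-changing operation (switching into another account, deleting or editing a file) that a privileged user's browser can be made to issue without the user intending it. The Drupal 7 code below is an added illustration of the unprotected callback beside the token-protected one; it is not Take Control's or Subuser's code, and the paths, permission name and example_ functions are invented.

```php
<?php
// Added illustration for Drupal 7; paths, permission and example_* names are invented.

function example_menu() {
  $items = array();

  // Vulnerable: a plain GET (or an unauthenticated Ajax call) performs the deletion. Any page
  // an administrator views can fire it, e.g.
  //   <img src="https://site.example/example/delete/backup.tar.gz">
  $items['example/delete/%'] = array(
    'page callback' => 'example_delete_vulnerable',
    'page arguments' => array(2),
    'access arguments' => array('administer example files'),
    'type' => MENU_CALLBACK,
  );

  // Fixed: same operation, but the link carries a per-session token that the callback verifies.
  $items['example/delete-checked/%'] = array(
    'page callback' => 'example_delete_fixed',
    'page arguments' => array(2),
    'access arguments' => array('administer example files'),
    'type' => MENU_CALLBACK,
  );
  return $items;
}

function example_delete_vulnerable($name) {
  file_unmanaged_delete('public://example/' . $name);
  drupal_goto('admin/config/example');
}

// The link is generated server-side with a token bound to this session and to this specific
// operation. A page on another origin cannot read the token, so it cannot forge the request.
function example_delete_link($name) {
  return l(t('Delete @name', array('@name' => $name)), 'example/delete-checked/' . $name,
    array('query' => array('token' => drupal_get_token('example-delete-' . $name))));
}

function example_delete_fixed($name) {
  if (!isset($_GET['token']) || !drupal_valid_token($_GET['token'], 'example-delete-' . $name)) {
    return MENU_ACCESS_DENIED;
  }
  // The token proves intent, not a safe filename; traversal is a separate check.
  if ($name === '' || strpos($name, '..') !== FALSE || strpos($name, '/') !== FALSE) {
    return MENU_NOT_FOUND;
  }
  file_unmanaged_delete('public://example/' . $name);
  drupal_set_message(t('Deleted @name.', array('@name' => $name)));
  drupal_goto('admin/config/example');
}
```

The same drupal_get_token()/drupal_valid_token() pair protects a hand-written jQuery endpoint: embed the token in the page (Drupal.settings) and send it with the Ajax request. Forms built with the Form API get this for free through form_token, so the cleanest fix for a destructive action is usually a confirm_form() submitted by POST rather than a tokenised GET link.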
SA-CONTRIB-2012-070 - Taxonomy Grid : Catalog - Cross Site Scripting (XSS) - Unsupported
CVE: CVE-2012-2308. This module provides a page where you can see each content type you've selected under terms from vocabularies you've selected. The module does not properly filter user-supplied text, resulting in a Cross Site Scripting bug. This vulnerability is mitigated by the fact that an...
SA-CONTRIB-2012-037 - Slidebox - access bypass
CVE: CVE-2012-2063. The Slidebox module allows webmasters to display a link to the next node in a jQuery box that slides in from the right side of the page after a user scrolls past a certain point. While the module checks for "published" status, it does not contain sufficient usage of...
SA-CONTRIB-2012-035 - Webform Cross Site Scripting (XSS)
CVE: CVE-2012-1660 The Webform module allows content creators to assemble a survey for end-users. The module doesn't sufficiently filter user supplied text when displaying radio buttons or checkboxes when used in combination with the Select or Other... module. This vulnerability is mitigated by t...
SA-CONTRIB-2012-013 - Search Autocomplete - SQL Injection
CVE: CVE-2012-1638. The Search Autocomplete module allows you to add autocomplete functionality to the search fields of a Drupal site. Search Autocomplete does not properly use Drupal's database API, making it possible for a malicious user to carry out SQL injection on the site. This vulnerability ...
SA-CONTRIB-2012-005 - Vote up/down - Cross Site Scripting
CVE: CVE-2012-1627 This module enables you to add voting widgets to nodes, terms and comments. The vudterm sub-module doesn't sufficiently sanitize taxonomy terms before display. In order to execute arbitrary script injection malicious users must have the ability to create or edit taxonomy terms...
SA-CONTRIB-2011-049 - Cumulus - Cross Site Scripting (XSS)
The Cumulus module allows you to display your site's tags using a 3D Flash animation. The module ships with a Flash file cumulus.swf that contains a cross site scripting XSS vulnerability that can be exploited when a user is made to view a specially crafted URL. If the user is logged in to an...
SA-CONTRIB-2011-045 - Rate module Cross Site Scripting
The Rate module provides flexible rate widgets. These widgets are refreshed via AJAX after voting. The AJAX callback does not correctly handle certain arguments obtained from the URL. By enticing a suitably privileged user to visit a specially crafted URL, a malicious user is able to insert...
SA-CONTRIB-2011-033 - iWebkit - Cross Site Scripting
iWebKit is a web toolkit designed to create iPhone and iPod touch compatible websites and webapps. iWebkit does not properly sanitize menu links when displayed, allowing a malicious user to embed scripts in menu items, thus creating a cross site scripting XSS vulnerability that may lead to an...
SA-CONTRIB-2011-034 - Display Suite - Cross Site Scripting
Display Suite allows you to take full control over how your content is displayed using a drag and drop interface. Arrange your nodes, views, comments, user data etc. the way you want without having to work your way through dozens of template files. In certain situations, Display Suite does not...
SA-CONTRIB-2010-113 - Image - Cross Site Scripting
The Image module project contains supplemental modules, one of which, Image gallery, allows users to create and maintain galleries of image nodes using taxonomy terms. The Image gallery module does not sanitize some user-supplied data before displaying it, leading to a Cross Site Scripting XSS...
SA-CONTRIB-2010-109 - Embedded Media Field, Media: Video Flotsam, Media: Audio Flotsam - Multiple Vulnerabilities
1 - Arbitrary File Upload/Code Execution Vulnerability. The Embedded Thumbnail module packaged with the project allows users who upload videos to upload their own thumbnails to replace those provided by the Embedded Media Field module. Unfortunately, the Embedded Thumbnail module contains a vulnerability tha...
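The summary above stops before the details, but "arbitrary file upload leading to code execution" in a Drupal module almost always means the upload bypassed the file API and landed in a web-reachable directory under a client-chosen name. The Drupal 7 code below is an added illustration of that defect next to the file_save_upload()-based fix; it is not the Embedded Thumbnail module's code, and the form field name, directory and example_ functions are invented.

```php
<?php
// Added illustration for Drupal 7; not the Embedded Thumbnail module's code. The field name
// passed in $field, the directory public://example-thumbnails and example_* names are invented.

// Vulnerable: the raw $_FILES entry is moved into a web-reachable directory under the name the
// client chose. Uploading thumb.php (or thumb.php.png on a server that dispatches on the first
// extension) gives the uploader remote code execution as the web server user.
function example_save_thumbnail_vulnerable($field) {
  $dir = drupal_realpath('public://example-thumbnails');
  $target = $dir . '/' . basename($_FILES['files']['name'][$field]);
  return move_uploaded_file($_FILES['files']['tmp_name'][$field], $target) ? $target : FALSE;
}

// Fixed: route the upload through file_save_upload() with validators that (a) restrict the
// extension (which also munges "thumb.php.png" to "thumb.php_.png"), (b) require the bytes to
// parse as an image, and (c) bound size and dimensions. Drupal's public files directory also
// ships an .htaccess that disables script execution, but a module must not rely on that alone.
function example_save_thumbnail_fixed($field, $max_bytes = 2097152) {
  $directory = 'public://example-thumbnails';
  if (!file_prepare_directory($directory, FILE_CREATE_DIRECTORY)) {
    return FALSE;
  }
  $validators = array(
    'file_validate_extensions' => array('png jpg jpeg gif'),
    'file_validate_is_image' => array(),
    'file_validate_size' => array($max_bytes),
    'file_validate_image_resolution' => array('1024x1024'),   // larger images are scaled down
  );
  $file = file_save_upload($field, $validators, $directory);
  if (!$file) {
    return FALSE;   // file_save_upload() has already queued the validation messages
  }
  $file->status = FILE_STATUS_PERMANENT;   // otherwise cron removes it as a temporary file
  return file_save($file);
}
```

The validators run before the file is copied out of PHP's upload temp directory, so a rejected upload never touches the public tree. Deriving the stored name from the file id (or a random string) rather than the original filename removes the last client-controlled input from the path.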
SA-CONTRIB-2010-106 - Comment Edited - Cross Site Scripting
The Comment Edited module displays a customizable message at the bottom of a comment when it has been edited. The module does not sanitize some of the user-supplied data before displaying it, leading to a Cross Site Scripting XSS vulnerability that may lead to a malicious user gaining full...
SA-CONTRIB-2010-090 - Yr Weatherdata - SQL Injection
The Yr Weatherdata module displays weather forecasts, and enables users with the proper permission to set the sort method. When setting the sorting method the module does not filter the value input by the user correctly. This vulnerability can be exploited to perform an SQL Injection attack...
SA-CONTRIB-2010-077 - Sage Pay (former Protx) Direct Payment Gateway for Ubercart - Information Disclosure
The Sage Pay Direct Payment Gateway for Ubercart (ucprotxvspdirect) processes credit card transactions in Ubercart stores using the Sage Pay Direct service. The module may show remote 3-D Secure pages to the user in an iframe when their bank supports Verified by Visa or MasterCard SecureCode...
SA-CONTRIB-2010-064 - Ubercart MIGS Payment Gateway - Web Parameter Tampering
The Ubercart MIGS Payment Gateway module provides support for the MIGS third-party payment gateway used by ANZ, Commonwealth Bank, Bendigo Bank, and various other banks worldwide for payment processing. The module was susceptible to web parameter tampering, which allowed users to bypass paying the...
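Web parameter tampering in a payment gateway integration means the module trusted fields (amount, status, order id) that travel through the customer's browser on the way back from the gateway. The PHP below is an added illustration of the two checks a return handler needs: a MAC proving the response really came from the gateway, and a comparison of the returned order id, amount and currency against what the server stored. It is not the Ubercart MIGS module's code and does not reproduce MIGS's own signature scheme; parameter names, the secret and the order records are constructed for the example.

```php
<?php
// Added illustration; parameter names, secret and order data are constructed, and the
// signature format is this example's own, not MIGS's. hash_equals() needs PHP >= 5.6.

function example_gateway_signature(array $params, $secret) {
  // Canonical form: a field order fixed by the server, never the client's ordering.
  $canonical = implode('|', array(
    $params['order_id'], $params['amount'], $params['currency'], $params['status'],
  ));
  return hash_hmac('sha256', $canonical, $secret);
}

// TRUE only if the callback is authentic AND matches the server's record of the order.
function example_verify_gateway_return(array $params, $secret, array $stored_order) {
  foreach (array('order_id', 'amount', 'currency', 'status', 'signature') as $field) {
    if (!isset($params[$field]) || !is_string($params[$field])) {
      return FALSE;
    }
  }
  // 1. Authenticity: the MAC covers every field we are about to trust, so editing the
  //    amount or the status in the browser invalidates it. Constant-time comparison.
  $expected = example_gateway_signature($params, $secret);
  if (!hash_equals($expected, $params['signature'])) {
    return FALSE;
  }
  // 2. Binding to the stored order: a genuine, signed callback for a cheap order must not
  //    settle an expensive one. Money is compared as integer minor units, never as floats.
  if (!ctype_digit($params['amount'])) {
    return FALSE;
  }
  return $params['status'] === 'approved'
    && $params['order_id'] === $stored_order['order_id']
    && $params['currency'] === $stored_order['currency']
    && (int) $params['amount'] === (int) $stored_order['amount_cents'];
}

// Constructed sample data.
$secret = 'merchant-secret-constructed-for-this-example';
$order  = array('order_id' => '1001', 'amount_cents' => 10000, 'currency' => 'AUD');

$genuine = array('order_id' => '1001', 'amount' => '10000', 'currency' => 'AUD', 'status' => 'approved');
$genuine['signature'] = example_gateway_signature($genuine, $secret);

$tampered = $genuine;
$tampered['amount'] = '100';   // edited in the browser: the MAC no longer verifies

// A genuine callback for a different, cheaper order replayed against order 1001:
// the MAC verifies, but the order id and amount do not match the stored record.
$replayed = array('order_id' => '1002', 'amount' => '100', 'currency' => 'AUD', 'status' => 'approved');
$replayed['signature'] = example_gateway_signature($replayed, $secret);

var_dump(example_verify_gateway_return($genuine, $secret, $order));
var_dump(example_verify_gateway_return($tampered, $secret, $order));
var_dump(example_verify_gateway_return($replayed, $secret, $order));
```

Two things the example leaves to the caller: the stored order must be loaded by the server from its own database (in Ubercart, by order id, never from the callback's copy of the total), and a callback should only move an order from "pending payment" to "paid" once, so a replay of a genuine callback is a no-op.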
SA-CONTRIB-2010-055 - Simplenews - Access bypass
Simplenews publishes and sends email newsletters to lists of subscribers, with both anonymous and authenticated users being able to opt-in to mailing lists. The user subscription form does not use the correct access permission resulting in any user with the permission 'subscribe to newsletters'...
SA-CONTRIB-2010-048: CiviRegister - Cross Site Scripting
The CiviRegister module replaces the standard Drupal user registration form with a CiviCRM Profile form configured to create users. Notifications on the Profile's administrative page include unsanitized data obtained from the URL. A malicious user could create a special link which would inject...
SA-CONTRIB-2010-026 - Monthly Archive by Node Type - Access Bypass
The Monthly Archive by Node Type module generates monthly archive pages and a block with links to the pages. You can specify the node types that will be included in the archive pages. In some summary listings, the Monthly Archive by Node Type module does not construct its SQL query to respect nod...
SA-CONTRIB-2010-002 - Currency Exchange - Cross site scripting
This module provides a site with the ability to display currency exchange rates. The module does not sanitize some of the user-supplied data before logging it to the watchdog, leading to a cross-site scripting (XSS) vulnerability. Versions affected: Currency Exchange versions prior to 6.x-1.2. Drupal...
SA-CONTRIB-2010-001 - Wunderbar - Cross Site Scripting
The Wunderbar! module provides a floating bar with configurable buttons and the ability to link off to social networking sites. The module does not properly escape user names, potentially allowing a cross site scripting XSS attack which may lead to the user gaining full administrative access. The...
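The ctools page title bug (SA-CONTRIB-2012-165), the Currency Exchange watchdog bug (SA-CONTRIB-2010-002) and the Wunderbar user name bug above are one root cause in three places: a user-controlled string reaches HTML without check_plain() or a t()/watchdog() placeholder. The Drupal 7 code below is an added illustration of each vulnerable form beside its fix; it is not code from any of those modules, and the example_ function names are invented.

```php
<?php
// Added illustration for Drupal 7; example_* names are invented, not module code.
// CHECK_PLAIN and PASS_THROUGH are Drupal 7's drupal_set_title() output modes.

// Page title. A node titled  <img src=x onerror=alert(document.cookie)>  is rendered as
// markup by the vulnerable variant. Drupal 6's drupal_set_title() never escaped at all,
// so there the fix is drupal_set_title(check_plain($node->title)).
function example_set_page_title_vulnerable($node) {
  drupal_set_title($node->title, PASS_THROUGH);
}
function example_set_page_title_fixed($node) {
  drupal_set_title($node->title);   // default output mode is CHECK_PLAIN
}

// Log message. dblog renders watchdog() messages as HTML on admin/reports/dblog, so a string
// concatenated into the message is stored XSS against whoever reads the log (usually an admin).
function example_log_rate_failure_vulnerable($currency_code) {
  watchdog('example', 'Could not fetch exchange rate for ' . $currency_code, array(), WATCHDOG_WARNING);
}
function example_log_rate_failure_fixed($currency_code) {
  // @placeholder is passed through check_plain() when the message is formatted;
  // %placeholder additionally wraps it in <em>; !placeholder is raw and must never carry user input.
  watchdog('example', 'Could not fetch exchange rate for @code',
    array('@code' => $currency_code), WATCHDOG_WARNING);
}

// Markup built by hand. $account->name is chosen by the user at registration.
function example_user_badge_vulnerable($account) {
  return '<span class="example-user">' . $account->name . '</span>';
}
function example_user_badge_fixed($account) {
  return '<span class="example-user">' . check_plain($account->name) . '</span>';
}

// When the string legitimately contains markup from a trusted subset of tags (a description
// an editor may format), filter_xss() with an explicit whitelist is the tool, not check_plain().
function example_description_fixed($text) {
  return filter_xss($text, array('a', 'em', 'strong', 'p'));
}
```

Helpers such as l() and theme('username') already escape their text argument; the bugs in this list live in the hand-built strings, where nothing escapes for you. The rule of thumb is to escape at output, exactly once, with the function that matches the context the string lands in.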
SA-CONTRIB-2009-111 - Randomizer - Cross Site Scripting
The Randomizer module assists researchers and students who want an easy way to perform random sampling or assign participants to experimental conditions. It accepts form input as parameters for generating a pseudo-random list of numbers. The module does not sanitize some of the user-supplied data...
SA-CONTRIB-2009-094 - NGP COO/CWP Integration (crmngp) - Multiple Vulnerabilities
The NGP COO/CWP Integration module provides Drupal integration with the NGP Software API for efficient campaign management. An administration page did not properly implement access control thereby allowing untrusted users to view module log information. User-supplied information was not filtered ...
SA-CONTRIB-2009-041 - Nodequeue - Access bypass
The Nodequeue module enables an administrator to arbitrarily put nodes in a group with an arbitrary order for any purpose, such as providing a listing of nodes or featuring a particular node. On the queue administration screen, users with permission to manipulate a queue are presented with an...
SA-CONTRIB-2009-029 - Views Bulk Operations - Access Bypass
Views Bulk Operations allows registered procedures, called actions, to be applied to a result set of Drupal nodes returned by the Views module. Through the Views Bulk Operations interface, it is possible for users who are not authorized to update specific nodes or classes of nodes to still app...
SA-CONTRIB-2009-024 - Node Access User Reference - Access Bypass
Node Access User Reference enables administrators to automatically grant node access (view, update, or delete) to a node where the user is referenced by a CCK user reference field. When such a field is saved with an empty value, Node Access User Reference mistakes this for a reference to the anonymous user...
SA-CONTRIB-2009-014 - CCK Field Privacy - Access Bypass
CCK Field Privacy was incorrectly updated for the Drupal 6.x menu system in such a way that the intended access controls for the administrative pages are bypassed for unprivileged users. This may allow users to change permissions on fields and lead to exposure of private content. Versions affect...
SA-2008-048-b - CCK - Cross site scripting
Update: This security announcement is an update of the SA-2008-048 announcement, which advised upgrading CCK for Drupal 5.x to 5.x-1.8. You should now upgrade CCK for Drupal 5.x to 5.x-1.9. The Content Construction Kit (CCK) allows certain privileged users to add custom fields to content types using...
SA-2008-017 - Header image - Access bypass
The Header image module allows sites to display an image on selected pages based on the node id, path, taxonomy, node type, containing book or the result of PHP code. The module contains a vulnerability where access to the module's administration pages is granted to any user, including the...
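Jstool (SA-CONTRIB-2012-130), Search autocomplete (SA-CONTRIB-2012-107) and Header image above are the same defect: a hook_menu() item whose page is reachable without a real access check. Slidebox (SA-CONTRIB-2012-037) and Monthly Archive by Node Type (SA-CONTRIB-2010-026) are the listing-side variant, where a query filters on published status but ignores node access grants. The Drupal 7 code below is an added illustration of both, not any of those modules' code; the module, permission and example_ names are invented, and example_settings_form and example_node_tab are assumed to exist as the form and page callbacks.

```php
<?php
// Added illustration for Drupal 7; everything prefixed "example" is invented, not module code.

function example_permission() {
  return array(
    'administer example' => array(
      'title' => t('Administer the Example module'),
      'restrict access' => TRUE,   // flags it as security-sensitive on admin/people/permissions
    ),
  );
}

function example_menu() {
  $items = array();

  // Vulnerable: 'access callback' => TRUE short-circuits user_access(), so the settings page,
  // and whatever it reveals or lets you change, is open to anonymous visitors.
  $items['admin/config/example/unprotected'] = array(
    'title' => 'Example settings (unprotected)',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('example_settings_form'),
    'access callback' => TRUE,
  );

  // Fixed: gate the path on a permission; the default 'access callback' is user_access().
  $items['admin/config/example'] = array(
    'title' => 'Example settings',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('example_settings_form'),
    'access arguments' => array('administer example'),
  );

  // Per-node paths delegate to node_access() for the loaded node, not to a site-wide permission.
  $items['node/%node/example'] = array(
    'title' => 'Example',
    'page callback' => 'example_node_tab',
    'page arguments' => array(1),
    'access callback' => 'node_access',
    'access arguments' => array('view', 1),
    'type' => MENU_LOCAL_TASK,
  );
  return $items;
}

// Vulnerable listing: status = 1 is not an access check. Nodes restricted by a node access
// module (private or group content) are listed, with titles, to users who may not view them.
function example_archive_titles_vulnerable($year, $month) {
  $start = mktime(0, 0, 0, $month, 1, $year);
  $end   = mktime(0, 0, 0, $month + 1, 1, $year);
  return db_query('SELECT nid, title FROM {node} WHERE status = 1 AND created >= :start AND created < :end',
    array(':start' => $start, ':end' => $end))->fetchAllKeyed();
}

// Fixed: the node_access tag makes the query builder join {node_access} and add the grant
// conditions for the current user (the Drupal 6 equivalent is wrapping the SQL in db_rewrite_sql()).
function example_archive_titles_fixed($year, $month) {
  $start = mktime(0, 0, 0, $month, 1, $year);
  $end   = mktime(0, 0, 0, $month + 1, 1, $year);
  $query = db_select('node', 'n')
    ->fields('n', array('nid', 'title'))
    ->condition('n.status', 1)
    ->condition('n.created', $start, '>=')
    ->condition('n.created', $end, '<')
    ->addTag('node_access');
  return $query->execute()->fetchAllKeyed();
}
```

A quick audit for the first class is to grep a module for 'access callback' => TRUE and for menu items that carry neither 'access callback' nor 'access arguments'; for the second, grep for SELECT ... FROM {node} without a node_access tag (or db_rewrite_sql() in Drupal 6).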
SA-2008-012 - Project issue tracking - XSS vulnerability in comment summary tables
The Project issue tracking module provides a summary table to show changes in issue states between comments. Users who have certain editing rights may be able to inject arbitrary code on pages containing these tables. Wikipedia has more information about cross site scripting XSS. Versions affecte...
SA-2007-027 - Token - Cross site scripting
Several server variables are not escaped consistently. When a malicious user is able to enter comments and then entice a victim to visit a webpage, arbitrary HTML and script code can be injected and executed in the context of the victim's session on the targeted website. For example, a malicious...
SA-2007-026 - Drupal Core - Cross site scripting via uploads
The allowed extension list of the core Upload module contains the extension HTML by default. Such files can be used to execute arbitrary script code in the context of the affected site when a user views the file. Revoking upload permissions or removing the .html extension from the allowed extensi...
DRUPAL-SA-2007-005 - Drupal core - Arbitrary code execution
Previews on comments were not passed through the normal form validation routines, enabling users with the 'post comments' permission and access to more than one input format to execute arbitrary code. By default, anonymous and authenticated users have access to only one input format. Immediate...
Acidfree - SQL injection
Under certain circumstances, node titles are not escaped before being used in an SQL query, allowing a malicious user with the 'create acidfree albums' privilege and the ability to create acidfree content, to execute an SQL injection attack. These attacks may lead to administrator access. Version...
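The Search Autocomplete (SA-CONTRIB-2012-013), Yr Weatherdata (SA-CONTRIB-2010-090) and Acidfree entries above cover the two ways SQL injection gets into Drupal modules: a value spliced into the query string instead of bound as a placeholder (a search prefix, a node title), and an identifier such as a user-chosen sort column, which cannot be a placeholder and so needs a whitelist. The Drupal 7 code below is an added illustration, not any of those modules' code; the {example_forecast} table and the example_ functions are invented.

```php
<?php
// Added illustration for Drupal 7; the table {example_forecast} and example_* names are invented.

// Vulnerable: the user's search prefix is concatenated into the SQL. Typing
//   ' UNION SELECT pass FROM users -- 
// into the autocomplete box returns password hashes instead of node titles.
function example_autocomplete_vulnerable($string) {
  return db_query("SELECT title FROM {node} WHERE status = 1 AND title LIKE '" . $string . "%' LIMIT 10")->fetchCol();
}

// Fixed: the value is bound as a named placeholder, so it can only ever be a string literal.
// db_like() also escapes % and _, so the user cannot widen the pattern to match everything.
function example_autocomplete_fixed($string) {
  return db_query_range('SELECT title FROM {node} WHERE status = 1 AND title LIKE :pattern', 0, 10,
    array(':pattern' => db_like($string) . '%'))->fetchCol();
}

// ORDER BY takes a column name and a direction. Those are identifiers, not values, so they
// cannot be bound as placeholders. A user-chosen sort method is mapped through a fixed table;
// anything not in the table falls back to the default instead of being interpolated.
function example_forecast_sorted($sort_method) {
  $allowed = array(
    'time_asc'  => array('forecast_time', 'ASC'),
    'time_desc' => array('forecast_time', 'DESC'),
    'temp_desc' => array('temperature', 'DESC'),
  );
  if (!isset($allowed[$sort_method])) {
    $sort_method = 'time_asc';
  }
  list($field, $direction) = $allowed[$sort_method];
  return db_select('example_forecast', 'f')
    ->fields('f', array('forecast_time', 'temperature'))
    ->orderBy($field, $direction)
    ->execute()
    ->fetchAll();
}
```

The same whitelist rule applies to table names, column lists and LIMIT/OFFSET built from user input; the query builder (db_select(), orderBy(), range()) keeps the structure server-defined, and placeholders carry only the values.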
Drupal core - Denial of service
The way page caching was implemented allows a denial of service attack. An attacker with the ability to post content on the site could poison the page cache so that it returns cached 404 "page not found" errors for existing pages. If the page cache is not enabled,...
Drupal core - Cross site scripting
A few arguments passed via URLs are not properly sanitized before display. When an attacker is able to entice an administrator to follow a specially crafted link, arbitrary HTML and script code can be injected and executed in the victim's session. Such an attack may lead to administrator access i...
MySite - Cross site scripting
Data is not properly sanitised before being used in titles. This can be exploited to insert and execute arbitrary HTML and script code in a user's browser session in the context of an affected site. This may lead to administrator access if certain conditions are met. Learn more about cross site...
DRUPAL-SA-2006-002 XSS vulnerabilities
Some user input sanity checking was missing. This could lead to cross-site scripting (XSS) attacks. XSS can lead to user tracking and theft of accounts and services. Versions affected: All Drupal versions before 4.6.6. Solution: If you are running Drupal 4.5.x then upgrade to Drupal 4.5.8. I...
Obfuscate - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-033
This module enables you to obfuscate email addresses in content. The module doesn't sufficiently sanitize user input via the Twig filter. This vulnerability is mitigated by the fact that it only affects sites using the ROT13 encoding and where an attacker can enter content that is filtered using...
Drupal core - Critical - Cross-site scripting - SA-CORE-2026-001
Drupal core's jQuery integration for AJAX modal dialog boxes does not sufficiently sanitize certain options, which can lead to a cross-site scripting XSS vulnerability...
Google Analytics GA4 - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-024
The Google Analytics GA4 module enables users to add custom attributes to the script tag used to load the Google Analytics library. The module does not sufficiently sanitize these attributes. This vulnerability is mitigated by the fact that an attacker must have a role with the "ga4 configure" or...