1940 matches found
Pubcookie security bypass
It is possible for a malicious user to spoof a user's identity by bypassing the login redirection mechanism in the pubcookie module. The malicious user may gain the privileges of the user they are spoofing, including the administrative user. Versions affected Drupal core is not affected. If you d...
DRUPAL-SA-2005-007 XSS vulnerability in submitted content
Ahmed Saad has brought to our attention a creative way to enter malicious HTML content. Upon further investigation we found that interpretation of broken HTML/SGML and various quirks in interpretation of correctly formed, but non-sensical attribute values by various browsers also allows entering...
DRUPAL-SA-2005-009 Bypass "view user profiles" permission
Andrew Widdowson informed us that it's possible to bypass the 'access user profile' permission if the server is running PHP5. No data can be changed though. Versions affected Drupal 4.6.0, 4.6.1, 4.6.2, 4.6.3 Solution If you are running Drupal 4.6.x and PHP5, then upgrade to Drupal 4.6.4...
Brute force attack protection - Critical - Unsupported - SA-CONTRIB-2026-047
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...
LocalGov Workflows - Moderately critical - Information disclosure - SA-CONTRIB-2026-039
This module configures default editorial workflows for LocalGov Drupal content types. It provides a Drupal content moderation workflow, a content approvals dashboard, content scheduling and content preview. The module doesn't sufficiently restrict access to a view of Service Contacts at which...
TacJS - Moderately critical - Improper Access Control - SA-CONTRIB-2026-040
This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to an attacker being able to delete arbitrary cookies. This vulnerability is mitigated by the fact that an attacker needs ...
Translate Drupal with GTranslate - Less critical - DOM clobbering / link manipulation - SA-CONTRIB-2026-035
The GTranslate module provides a language switcher widget for Drupal sites. The module’s widget JavaScript did not sufficiently validate that document.currentScript referred to the executing script element. A user who can add HTML to a page could cause the generated language-switcher links to poi...
Node View Permissions - Moderately critical - Access bypass - SA-CONTRIB-2026-034
Node view permissions module enables permissions "View own content" and "View any content" for each content type on permissions page The module doesn't sufficiently handle the case where a user is cancelled and their content is reassigned to the anonymous user. This vulnerability is mitigated by...
Calculation Fields - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-023
This module extends the Drupal form API adding "Calculation element" form element types, which can evaluate a maths expression. It offers webform integration. The module doesn't sufficiently validate user input; this could be exploited to achieve Information Disclosure or Cross-site Scripting XSS...
OpenID Connect / OAuth client - Moderately critical - Access bypass - SA-CONTRIB-2026-026
This module enables you to use an external OpenID Connect login provider to authenticate and log in users on your site. If a user signs in with a login provider for the first time on the website, a new Drupal user will be created. A visitor who successfully logs in to their Identity Provider and ...
Anti-Spam by CleanTalk - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-014
This module enables you to block bots by Firewall. The module doesn't sufficiently sanitize user input leading to a reflected Cross-site scripting XSS vulnerability. This vulnerability is mitigated by the fact that the vulnerable functionality is only presented to users that are "challenged" or...
Access code - Moderately critical - Access bypass - SA-CONTRIB-2025-108
This module enables users to sign in with an access code instead of entering user names and passwords. When users are allowed to pick their own access codes, they can guess other users' access codes based on the fact that access codes need to be unique and the system warns if the code of their...
Commerce Alphabank Redirect - Moderately critical - Access bypass - SA-CONTRIB-2025-067
This module enables you to pay for Commerce order to an environment provided and secured by the bank The module doesn't sufficiently verify the payment status on canceled orders. An attacker can issue a specially crafted request to update the order status to completed...
RapiDoc OAS Field Formatter - Moderately critical - Cross site scripting - SA-CONTRIB-2025-025
This module can be used to render Open API Documentation using the RapiDoc library. The module provides a custom formatter for link fields. Drupal core does not sufficiently sanitize link element attributes, which can lead to a Cross Site Scripting vulnerability XSS. A separate fix for Drupal cor...
SpamSpan filter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-016
This module enables your site to obfuscate Email addresses and prevent spambots to collect them. The module doesn't sanitize HTML data attributes when an email address link is transformed to separate span HTML elements and then transformed back by JavaScript leading to a Cross Site Scripting XSS...
Flattern – Multipurpose Bootstrap Business Profile - Critical - Unsupported - SA-CONTRIB-2025-005
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...
Two-factor Authentication (TFA) - Critical - Access bypass - SA-CONTRIB-2024-043
This module enables you to allow and/or require users to use a second authentication method in addition to password authentication. The module does not sufficiently migrate sessions before prompting for a second factor token. This vulnerability is mitigated by the fact that an attacker must fixat...
Opigno Learning path - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-029
The Opigno Learning Path module enables you to manage group content. Administrative forms allow uploading malicious files which may contain arbitrary code RCE or cross site scriptiong XSS. These forms were not adequately controlled with permissions that communicate the severity of the permission...
Obfuscate Email - Less critical - Cross Site Scripting - SA-CONTRIB-2023-042
This module enables you to hide email addresses from bots and site scrapers by using the rot13 strategy. The module doesn't sufficiently escape the data attribute under the scenario a user has access to manipulate that value. This vulnerability is mitigated by the fact that an attacker must have ...
Better Social Sharing Buttons - Less critical - Cross Site Scripting - SA-CONTRIB-2023-006
This module enables you to add social sharing buttons to a site. The module doesn't sufficiently sanitize the weight and ratio values entered in the module or block configuration. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer blocks"...
Permissions by Term - Moderately critical - Access bypass - SA-CONTRIB-2022-056
This module enables you to set content permissions based on taxonomy terms. The module doesn't sufficiently restrict access to translated and unpublished nodes. This vulnerability is mitigated by the fact that it only affects sites with translated content...
Opigno Learning path - Moderately critical - Access bypass - SA-CONTRIB-2022-029
This module is used as part of the Opigno LMS distribution and implements learning paths for the LMS. The module was providing too much user information about users such as the list of groups a uid is in...
Cog - Critical - Unsupported - SA-CONTRIB-2022-018
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466procedure---own-project---unsupported...
Navbar - Moderately critical - Cross Site Scripting - SA-CONTRIB-2022-011
This module provides a very simple, mobile-friendly navigation toolbar. The module doesn't sufficiently check for user-provided input. This vulnerability is mitigated by the fact that an attacker must have the ability to post content using a text format like the default "Filtered HTML" format tha...
Business Responsive Theme - Critical - Unsupported - SA-CONTRIB-2022-013
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466procedure---own-project---unsupported...
Remote Stream Wrapper - Critical - Unsupported - SA-CONTRIB-2022-020
Update 2022-05-04: Existing maintainers have updated the project to clarify that the module did not contain a security issue that caused the module to be unsupported. The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by...
Super Login - Critical - Access bypass - SA-CONTRIB-2022-001
This module enables you to login with an email address. The module doesn't sufficiently check if a user account is active when using email login. This vulnerability is mitigated by the fact that an attacker must have an account in the website that is blocked...
Block Content Revision UI - Moderately critical - Access bypass - SA-CONTRIB-2021-022
This module provides a revision UI for Block Content entities. The module doesn't sufficiently respect access restrictions to certain entities when used in conjunction with specific modules. This vulnerability is mitigated by the fact that an attacker must have a role with any of the permissions...
Linky Revision UI - Moderately critical - Access bypass - SA-CONTRIB-2021-021
This module provides a revision UI for Linky entities. The module doesn't sufficiently respect access restrictions to certain entities when used in conjunction with specific modules. This vulnerability is mitigated by the fact that an attacker must have a role with any of the permissions provided...
Linky Revision UI - Moderately critical - Access bypass - SA-CONTRIB-2021-016
This module provides a revision UI to Linky entities. The module doesn't sufficiently respect access restrictions to certain entities when used in conjunction with specific modules. This vulnerability is mitigated by the fact that an attacker must have a role with any of the permissions provided ...
Media: oEmbed - Critical - Remote Code Execution - SA-CONTRIB-2020-036
Media oEmbed does not properly sanitize certain filenames as described in SA-CORE-2020-012...
Group - Moderately critical - Information disclosure - SA-CONTRIB-2020-032
The Group module enables you to hand out permissions on a smaller subset, section or community of your website. With the 1.1 security release, new code was introduced to ensure proper access for all entity types, but a mistake introduced unexpected access to unpublished nodes...
Easy Breadcrumb - Moderately critical - Cross site scripting - SA-CONTRIB-2020-027
This module enables you to use the current URL path alias and the current page's title to automatically extract the breadcrumb's segments and its respective links then show them as breadcrumbs on your website. The module doesn't sufficiently sanitize editor input in certain circumstances leading ...
Webform - Critical - Access bypass - SA-CONTRIB-2020-016
This webform module enables you to build 'Term select' and 'Term checkboxes' elements. The module doesn't sufficiently check term 'view' access when rendering the 'Term select' and 'Term checkboxes' elements. Unpublished terms will always appear in the 'Term select' and 'Term checkboxes' elements...
SAML Service Provider - Critical - Access bypass - SA-CONTRIB-2020-006
This module enables you to authenticate Drupal users using an external SAML Identity Provider. If the site is configured to allow visitors to register for user accounts but administrator approval is required, the module doesn't sufficiently enforce the administrative approval requirement, in the...
Permissions by Term - Moderately critical - Access bypass - SA-CONTRIB-2019-095
The Permissions by Term module extends Drupal by functionality for restricting access to single nodes via taxonomy terms. The module doesn't sufficiently restrict access to node previews, when the Search API module is used to display nodes in search result lists...
Bypass Form Validations - Critical - Unsupported - SA-CONTRIB-2019-079
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466procedure---own-project---unsupported...
Nodequeue - Critical - Cross Site Scripting - SA-CONTRIB-2019-085
Updated November 22. This module enables you to collect nodes in an arbitrarily ordered list. Nodequeue's JavaScript can be leveraged to insert HTML from attacker-controlled JSON data. This is exploitable if user-submitted "Filtered HTML" content is displayed on a page where nodequeue.js is loade...
Webform Multiple File Upload - Critical - Unsupported - SA-CONTRIB-2019-090
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466procedure---own-project---unsupported...
SendinBlue - Critical - Access bypass - SA-CONTRIB-2019-088
Update: This module had an access bypass vulnerability which has now been addressed by the module’s current maintainers. Original description The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you...
Noggin - Critical - Unsupported - SA-CONTRIB-2019-080
Update - 2021-01-22 This maintainer has fixed this security issue. Please install https://www.drupal.org/project/noggin/releases/7.x-1.2 to resolve the issue. The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the...
Forms Steps - Critical - Access bypass - SA-CONTRIB-2019-064
Forms Steps provides an UI to create form workflows using form modes. It creates quick and configurable multisteps forms. The module doesn't sufficiently check user permissions to access its workflows entities that allows to see any entities that have been created through the different steps of i...
Metatag - Moderately critical - Information disclosure - SA-CONTRIB-2019-058
This module enables you to customize meta tags to help with a site's search engine ranking and improve the display of page summaries when shared on social networks. The module doesn't sufficiently check for a site being in maintenance mode. This vulnerability is mitigated by the fact that the sit...
Meta tags quick - Moderately critical - Cross Site Scripting - SA-CONTRIB-2019-057
Metatags quick is a module that manages meta tags tags that appear in HTML's head section as Drupal 7 fields. Administration page of metatags quick does not sanitize the output of blocks that appear on the same page. This allows an attacker to inject malicious JavaScript in block markup. This...
Universally Unique IDentifier - Moderately critical - Access bypass - SA-CONTRIB-2019-052
This module provides an API for adding universally unique identifiers UUID to Drupal objects, most notably entities. The module has a privilege escalation vulnerability when it's used in combination with Services+REST server. This vulnerability is mitigated by the fact that an attacker must...
Multiple Registration - Critical - Access bypass - SA-CONTRIB-2019-048
This module enables you to use special routes for user registration with special roles and custom field sets defined for the role. The module doesn't sufficiently check which user roles can be registered under the scenario when the user tries to register the user with the administrator role. This...
Views (for Drupal 7) - Moderately critical - Information disclosure - SA-CONTRIB-2019-035
This module enables you to create customized lists of data. The module doesn't sufficiently build queries when used with exposed filters, leading to a possible information disclosure vulnerability in certain rare circumstances. This vulnerability is mitigated by the fact that a view must have an...
Views (for Drupal 7) - Less critical - Cross site scripting - SA-CONTRIB-2019-036
This module enables you to create customized lists of data. The module doesn't sufficiently sanitize certain field types, leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that a view must display a field with the format "Full data serialized" and an...
Ubercart - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2019-032
The Ubercart module provides a shopping cart and e-commerce features for Drupal. The taxes module doesn't sufficiently protect the tax rate cloning feature. A malicious user could trick a store administrator into duplicating an existing tax rate by getting them to visit a specially-crafted URL...
Entity Registration - Critical - Multiple Vulnerabilities - SA-CONTRIB-2019-017
This module enables you to take registrations for events, gathering information from registrants including email address and any other questions you wish to configure. In some cases, an anonymous user may view, edit, or delete other anonymous registrations by guessing the URL of that registration...