1940 matches found
Open Social - Moderately critical - Access bypass - SA-CONTRIB-2021-002
The Social User Export module enables users within Open Social to create an export of users and download this to a CSV file. The module doesn't sufficiently check access when building the CSV file, allowing logged-in users without the manage members permission to be able to export all data from a...
Ink Filepicker - Critical - Unsupported - SA-CONTRIB-2020-037
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. It looks like the 3rd party service that this module integrates with may have been retired. If you would like to maintain this project nevertheless,...
Commerce Core - Moderately critical - Access bypass - SA-CONTRIB-2020-020
Drupal Commerce is used to build eCommerce websites and applications. It's possible to configure commerce to permit orders by anonymous users. In this configuration, customers who do not choose to create an account upon checkout completion remain anonymous, and the resulting orders are never...
SVG Formatter - Critical - Cross site scripting - SA-CONTRIB-2020-005
SVG Formatter module provides support for using SVG images on your website. This security release fixes third-party dependencies included in or required by SVG Formatter. XSS bypass using entities and tab. This vulnerability is mitigated by the fact that an attacker must be able to upload SVG fil...
Administration Views - Moderately critical - Access bypass - SA-CONTRIB-2019-076
This module replaces administrative overview/listing pages with actual views for superior usability. The module doesn't sufficiently check user access when using the "Menu system path" access handler on a Views displays other than "System". Update: This project had been unsupported due to this...
Booking and Availability Management Tools for Drupal - Moderately critical - Access Bypass - SA-CONTRIB-2019-074
The Bat module provides a foundation through which a wide range of availability management, reservation and booking use cases can be addressed. The routes used to view events don't sufficiently guard access for non-privileged users. Specifically, a user with the 'View own' permission for bat even...
Localization update - Moderately critical - Insecure server configuration - SA-CONTRIB-2019-072
This module enables you to automatically download and update the site's interface translation by fetching them from localize.drupal.org or any other Localization server. The module doesn't sufficiently protect the directory it stores translation files in. It's conventional for directories which m...
Gutenberg - Critical - Access bypass - SA-CONTRIB-2019-069
This module provides a new UI experience for node editing - Gutenberg editor. The routes used by the Gutenberg editor lack proper permissions allowing untrusted users to view and modify some content they should not be able to view or modify...
scroll to top - Moderately critical - Cross site scripting - SA-CONTRIB-2019-061
The Scroll To Top module enables you to have an animated scroll to top link in the bottom of the node. The module does not sufficiently filter configuration text leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with...
RESTful - Critical - Remote code execution - SA-CONTRIB-2019-041
This resolves issues described in SA-CORE-2019-003 for this module...
Views (for Drupal 7) - Moderately critical - Information disclosure - SA-CONTRIB-2019-035
This module enables you to create customized lists of data. The module doesn't sufficiently build queries when used with exposed filters, leading to a possible information disclosure vulnerability in certain rare circumstances. This vulnerability is mitigated by the fact that a view must have an...
Video - Critical - Remote Code Execution - SA-CONTRIB-2019-022
This resolves issues described in SA-CORE-2019-003 for this module. Not all configurations are affected. See SA-CORE-2019-003 for details...
RESTful Web Services - Critical - Access bypass - SA-CONTRIB-2019-018
This resolves issues described in SA-CORE-2019-003 for this module. Not all configurations are affected. See SA-CORE-2019-003 for details...
Password Policy - Less critical - Denial of Service - SA-CONTRIB-2018-077
The Password Policy module makes it possible to set constraints on user passwords which disallow certain passwords. The "digit placement" constraint is vulnerable to Denial of Service attacks if an attacker submits specially crafted passwords which can cause a site to become unresponsive. This...
Fraction - Less critical - XSS vulnerability - SA-CONTRIB-2018-059
This module enables you to create fields for storing decimal values as two integers numerator and denominator for maximum precision. The module doesn't sufficiently filter XSS strings out of field labels. This vulnerability is mitigated by the fact that an attacker must have a role with the abili...
litejazz - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-050
This theme features 3 color styles, 12 fully collapsible regions, suckerfish menus, fluid or fixed widths, easy configuration, and more. The theme doesn't sufficiently sanitize user input. This vulnerability is mitigated by the fact that the theme is only exploitable with non-default settings and...
Mass Password Reset - Less critical - Insecure Randomness - SA-CONTRIB-2018-043
This module enables you to reset passwords for all users based upon their user role. The module doesn't use a strong source of randomness, creating weak and predictable passwords. This vulnerability is mitigated by the fact that the site must be configured to reveal the password to the attacker,...
Entity API - Moderately critical - Information Disclosure - SA-CONTRIB-2018-013
The Entity API module extends the entity API of Drupal core in order to provide a unified way to deal with entities and their properties. The module prints debugging information to the HTML output in certain error conditions thereby causing an information disclosure vulnerability. This...
Node View Permissions - Moderately critical - Access Bypass - SA-CONTRIB-2018-002
The Node view permissions module enables the "View own content" and "View any content" permissions for each content type on the permissions page. This module has a vulnerability that allows users with these permissions to view unpublished content that they are not otherwise authorized to view. Th...
Custom Permissions - Moderately critical - Access bypass - SA-CONTRIB-2017-083
Custom Permissions is a lightweight module that allows permissions to be created and managed through an administrative form. When this module is in use, any user who is able to perform an action which rebuilds some of Drupal's caches can trigger a scenario in which certain pages protected by this...
H5P - Critical - Reflected Cross Site Scripting (XSS) - DRUPAL-SA-CONTRIB-2017-071
The H5P module helps create interactive videos, question sets, drag and drop questions, multichoice questions, boardgames, presentations, flashcards and more using Drupal. The module does not sufficiently filter text prior to printing it back to the page, leading to a Reflected Cross Site Scripti...
Session Cache API - Critical - Multiple vulnerabilities - DRUPAL-SA-CONTRIB-2017-065
This module does not safely deal with serialization. CVE identifiers issued ACVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes. Versions affected Session Cache API 7.x-1.4 Drupal core is not affected. If you do not use the contributed...
Bootstrap - Critical - Information Disclosure - SA-CONTRIB-2017-048
This theme enables you to bridge the gap between the Bootstrap Framework and Drupal. The theme does not sufficiently exclude the submitted password value when an incorrect value has been submitted Versions affected bootstrap 8.x-3.x versions prior to 8.x-3.5. Drupal core is not affected. If you d...
AES - Critical - Unsupported - SA-CONTRIB-2017-027
This module provides an API that allows other modules to encrypt and decrypt data using the AES encryption algorithm. The module does not follow requirements for encrypting data safely. An attacker who gains access to data encrypted with this module could decrypt it more easily than should be...
RestWS - Moderately Critical - Information Disclosure - SA-CONTRIB-2017-024
RestWS makes Drupal Entity data available in a REST API. The module doesn’t sufficiently check for access to properties when filtering queries. This vulnerability is mitigated by the fact that an attacker must have a role that allows them to access an entity type with access-controlled properties...
Acquia Content Hub - Moderately Critical - Access Bypass - SA-CONTRIB-2017-013
The Acquia Content Hub module enables the distribution and discovery of content from any source using the Acquia Content Hub service. The module allows rendering of any arbitrary entity, without performing the appropriate access check. Users browsing to a well crafted URL could access information...
Permissions by Term -- Critical - Multiple vulnerabilities - SA-CONTRIB-2017-001
The Permissions by Term module extends Drupal functionality by restricting access to single nodes via taxonomy terms. Taxonomy terms are part of the Drupal core functionality. Taxonomy term permissions can be coupled to specific user accounts and/or user roles. Enabling the module unintentionally...
D8 Editor File upload - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-059
This module enables you to upload files directly within the CKEditor and create a link to download the given file. The module doesn't sufficiently check the uploaded file extensions when the allowed extensions list is not the default one. This vulnerability is mitigated by the fact that an attack...
Flag Lists - Moderately Critical - Cross Site Scripting - SA-CONTRIB-2016-051
This module enables regular users to create unlimited private flags called lists. The flaglists module doesn't sufficiently filter the output when applying token strings to flaglists links leading to a persistent Cross Site Scripting XSS attack. This vulnerability is mitigated by the fact that an...
OAuth2 Client- Moderately Critical - Cross Site Request Forgery - SA-CONTRIB-2016-044
This module provides an OAuth2 client. The module does not check the validity of the state parameter, during server-side flow, before getting a token. This may allow a malicious user to feed a fake accesstoken to another user, and subsequently provide him fake data from the server. This page...
Page Manager Search - Moderately Critical - Information disclosure - SA-CONTRIB-2016-032
This module enables you to make Panels pages and other pages managed by CTools' Page Manager submodule indexible and searchable through the standard Search module provided in Drupal core. The module doesn't block access to Page Manager pages which have been disabled. CVE identifiers issued ACVE...
REST JSON - Multiple Vulnerabilities - Highly Critical - Unsupported - SA-CONTRIB-2016-033
This module enables you to expose content, users and comments via a JSON API. The module contains multiple vulnerabilities including Node access bypass Comment access bypass User enumeration Field access bypass User registration bypass Blocked user login Session name guessing Session enumeration...
Features - Less Critical - Denial of Service (DoS) - SA-CONTRIB-2016-020
This module enables you to organize and export configuration data. The module doesn't sufficiently protect the admin/structure/features/cleanup path with a token. If an attacker can trick an admin with the "manage features" permission to request a special URL, it could lead to clearing the cache...
Fieldable Panels Panes - Moderately Critical - Access Bypass - SA-CONTRIB-2016-014
This module enables you to create fieldable entities that have special integration with Panels. The module doesn't check access permissions on a file when it is attached to a field on a Fieldable Panels Panes entity that has been made private and where the file field is set to store files using t...
Embedded Media Field - Moderately Critical - Access Bypass - DRUPAL-SA-CONTRIB-2016-004
This module enables you to to display video, image, and audio files from various third party providers The module doesn't sufficiently sanitize path arguments under certain scenarios. This vulnerability is mitigated by the fact that an attacker must be able to trick an administrator into visiting...
CAS - Moderately Critical - Information Disclosure - DRUPAL-SA-CONTRIB-2016-005
This module enables you to use your Drupal site as a client or server for the single sign on protocol CAS. This vulnerability only affects sites that use the "CAS Server" sub module. The module doesn't allow an administrator to restrict which CAS clients are allowed authenticate with the Drupal C...
Monster Menus - Access Bypass - Moderately Critical - SA-CONTRIB-2015-163
Monster Menus is a hierarchical menu tree, which provides highly scalable, granular permissions for all pages within a site. The module includes an option to remove nodes from view add them to a "recycle bin" rather than deleting them outright. When a node has been put into a bin using an affecte...
Quick Edit - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-137
This module enables you to in-place edit entities' fields. The module doesn't sufficiently filter entity titles under the scenario where the user starts in-place editing an entity. The module also doesn't sufficiently filter node titles under the scenario where a node is displayed albeit only on...
Administration Views - Critical - Information Disclosure - SA-CONTRIB-2015-132
Administration Views module replaces overview/listing pages with actual views for superior usability. The module does not check access properly under certain circumstances. Anonymous users could get access to read information they should not have access to. CVE identifiers issued CVE-2015-7226...
Novalnet Payment Module Ubercart - Critical - SQL Injection - Unsupported - SA-CONTRIB-2015-116
This module enables you add the Novalnet payment service provider to Ubercart. The module fails to sanitize a database query by not using the database API properly, thereby leading to a SQL Injection vulnerability. Since the affected path is not protected against CSRF, a malicious user can exploi...
Entityform Block - Moderately Critical - Access Bypass - SA-CONTRIB-2015-106
This module enables you to display an entityform as a block. The module doesn't sufficiently check permissions on the entityform under scenarios where the form is locked to a certain role. CVE identifiers issued CVE-2015-5493 Versions affected Entityform Block 7.x-1.x versions prior to 7.x-1.3...
Keyword Research - Moderately Critical - Cross Site Request Forgery (CSRF) - SA-CONTRIB-2015-098
Keyword Research module enables you to tag and prioritize keywords on a site and node level basis. The module doesn't sufficiently protect some URLs against CSRF. A malicious user can cause another user with "kwresearch admin site keywords" permission to create, delete and set priorities to...
Decisions - Moderately Critical - Cross Site Request Forgery (CSRF) - Unsupported - SA-CONTRIB-2015-086
Decisions module is a replacement for the Poll module and provides advanced voting systems and decision-making tools. The module doesn't sufficiently protect some links against CSRF. A malicious user can cause another user to remove individual voters by getting their browser to make a request to ...
SA-CONTRIB-2015-034 - Commerce WeDeal - Open Redirect
Commerce WeDeal module enables you to do Commerce payments through the payment provider WeDeal. The module doesn't sufficiently check a query parameter used for page redirection, thereby leading to an Open Redirect vulnerability. CVE identifiers issued CVE-2015-3393 Versions affected Commerce...
SA-CONTRIB-2014-119 - Google Analytics - Information disclosure
This module enables you to integrate Drupal with Google Analytics. The module leaks the site specific hash salt to authenticated users when user-id tracking is turned on. This vulnerability is mitigated by the fact that user-id tracking must be turned on and the attacker needs to have an account ...
SA-CONTRIB-2014-109 - Freelinking - Cross Site Scripting (XSS)
The Freelinking module implements a filter framework for easier creation of HTML links to other pages on the site or to external sites. The module does not sanitize the node title when providing a link to the node, opening a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated ...
SA-CONTRIB-2014-106 - Commerce Authorize.Net SIM/DPM Payment Methods - Access Bypass
This module provides payment methods for the Drupal Commerce package to permit the use of the Authorize.Net payment gateway's SIM and DPM payment protocols. Access Bypass The module doesn't sufficiently protect the Drupal Commerce order number passed to the Authorize.Net payment gateway, allowing...
SA-CONTRIB-2014-101 - Ubercart - Cross Site Request Forgery
The Ubercart module provides a shopping cart and e-commerce features for Drupal. Cross Site Request Forgery CSRF The country administration links are not properly protected. A malicious user could trick a store administrator into enabling or disabling a country by getting them to visit a...
SA-CONTRIB-2014-098 - CKEditor - Cross Site Scripting (XSS)
The CKEditor module and its predecessor, FCKeditor module allows Drupal to replace textarea fields with CKEditor 3.x/4.x FCKeditor 2.x in case of FCKeditor module - a visual HTML editor, sometimes called WYSIWYG editor. Both modules define a function, called via an ajax request, that filters text...
SA-CONTRIB-2014-045 - Drupal Commons - Multiple Vulnerabilities
This SA contains two patches against Drupal Commons Views Bulk Operations Access Bypass Drupal commons comes with a view to moderate reported content, which is intended for authenticated users to view which content has been reported. Since it has hard coded VBO operations within the view, and...