1940 matches found
UC Profile - Moderately Critical - Information Disclosure - SA-CONTRIB-2015-165
UC Profile module enables you to collect profile fields for users during the checkout process of Ubercart as a checkout pane. The module doesn't sufficiently check access to profiles under certain circumstances. Depending on the information being collected, sensitive data may be exposed. This...
LABjs - Less Critical - Open Redirect - SA-CONTRIB-2015-159
The LABjs module integrates LABjs with Drupal for web performance optimization. The module ships with a modified version of the core Overlay JavaScript file, which is vulnerable to an open redirect attack see SA-CORE-2015-004. Only sites with the Overlay module enabled are vulnerable. An incomple...
Spotlight - Moderately Critical - Cross Site Scripting - SA-CONTRIB-2015-142
The Spotlight module provides a tool that mimics Mac OS X Spotlight functionality. It provides faster access to content, paths and uploaded files. The module doesn't sufficiently sanitize node titles when displayed in results. This vulnerability is mitigated by the fact that an attacker must have...
Chamilo integration - Less Critical - Open Redirect - SA-CONTRIB-2015-115
Chamilo integration module integrates Drupal with Chamilo LMS. The module has an Open Redirect vulnerability, it doesn't sufficiently check passed parameters in the URL. An attacker could trick users to visit malicious sites without realizing it. CVE identifiers issued CVE-2015-5503 Versions...
SA-CONTRIB-2015-066 - Tracking Code - Cross Site Request Forgery (CSRF)
Tracking Code module allows you to create tracking code snippets and control their visibility. The module doesn't sufficiently protect some URLs against CSRF. A malicious user can cause an administrator to disable tracking codes by getting their browser to make a request to a specially-crafted UR...
SA-CONTRIB-2015-028 - Shibboleth Authentication - Cross Site Request Forgery (CSRF)
Shibboleth Authentication module allows users to log in and get permissions based on federated SAML2 authentication. The roles that are assigned to users are based on a matching list. A malicious attacker can delete matching rules from the list by getting the administrator's browser to make a...
SA-CONTRIB-2015-016 - Tadaa! - Multiple vulnerabilities
Tadaa! is a module aimed at simplifying the process of enabling/disabling modules and altering configuration when switching between different environments, e.g. Production/Staging/Development. The module exposes multiple paths that were not protected against Cross Site Request Forgeries CSRF. A...
SA-CONTRIB-2015-004 - Context - Open Redirect
Context allows you to manage contextual conditions and reactions for different portions of your site. Context UI module wasn't checking for external URLs in the HTTP GET destination parameter when redirecting users that are activating/deactivating the Context UI inline editor dialog, thereby...
SA-CONTRIB-2014-100 - Bad Behavior - Information Disclosure
This module enables you to to target any malicious software directed at a Web site, whether it be a spambot, ill-designed search engine bot, or system crackers. It blocks such access and then logs their attempts. Information Disclosure The module doesn't sufficiently sanitize log data, allowing...
SA-CONTRIB-2014-067 - Meta Tags Quick - Multiple vulnerabilities
Meta tags quick adds meta tags editing to all non-administrative pages of Drupal site. Redirector abuse in path-based meta tag editing form When editing a path-based meta tag, module does not check destination parameter of the URL, allowing attacker to pass arbitrary URL to meta tag editing form...
SA-CONTRIB-2014-046 - Context Form Alteration - Cross Site Scripting (XSS)
The Context Form Alteration module enables admins to alter forms via Context reactions. The module doesn't sufficiently sanitize user input entered within the Context configuration UI. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer...
SA-CONTRIB-2014-038 - SimpleCorp theme - Cross Site Scripting
SimpleCorp theme is a free responsive Drupal theme. The SimpleCorp theme does not properly sanitize theme settings before they are used in the output of a page. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer themes". CVE identifiers...
SA-CONTRIB-2013-097 - OG Features - Access bypass
This module enables you to enable and disable bundles of functionality for individual Organic groups. In order to provide this functionality, this module must override all menu callbacks available in the system, in order to delegate access based on the current Organic group you are contextually i...
SA-CONTRIB-2013-076 - jQuery Countdown - Cross Site Scripting (XSS)
This jQuery Countdown Module enables you to display a countdown block based upon date settings. The jQuery Countdown Module does not properly sanitize the settings, allowing a malicious user to embed scripts within a page, resulting in a Cross-site Scripting XSS vulnerability. This vulnerability ...
SA-CONTRIB-2013-066 - Monster Menus - Multiple Vulnerabilities
Monster Menus enables you to create granular page permissions, and apply them to a hierarchical page structure. The mmwebform submodule enables you to assign permissions derived from Monster Menus to webform forms. The module doesn't sufficiently filter titles entered into page settings and echoe...
SA-CONTRIB-2013-064 - Persona - Cross site request forgery (CSRF)
This module enables users to sign into a Drupal website using Mozilla Persona. The module uses a security token to ensure that a sign-in request is made from a web page that is participating in the current session. It was possible for a security token that was not of type "string" to be accepted ...
SA-CONTRIB-2013-065 - Organic Groups - Access Bypass
This module enables users to create and manage their own 'groups'. Each group can have subscribers, and maintains a group home page where subscribers communicate amongst themselves. The module allows any authenticated user to guess the node ID of private groups, and subscribe to them without...
SA-CONTRIB-2013-031 - Premium Responsive theme - Cross Site Scripting (XSS)
This third-party contributed theme change Drupal's interface. The theme doesn't properly sanitize user-entered content in the 3 slide gallery on the homepage leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker would have to have the...
SA-CONTRIB-2013-025 - Fresh Theme - Cross Site Scripting (XSS)
This third-party contributed theme change Drupal's interface. The theme doesn't properly sanitize user-entered content in the 3 slide gallery on the homepage leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker would have to have the...
SA-CONTRIB-2012-173 - Nodewords: Information disclosure
This module enables you to assign meta tags on Drupal 6 sites to aid with 3rd party search indexing and sharing on social networks. The module doesn't correctly filter node content when configured to automatically generate descriptions meta tags from the node text. This lack of filtering could...
SA-CONTRIB-2012-105 - Hashcash - Cross Site Scripting (XSS)
The Hashcash project is an implementation of a Proof Of Work POW or Puzzle scheme where users of a service have to do computational work to have their request granted. In the case of the Drupal Hashcash project, the service is 'form submission' and the Proof Of Work is a token that causes a parti...
SA-CONTRIB-2012-095 - Simplenews - Information Disclosure
Simplenews publishes and sends newsletters. When subscribing to a Simplenews mailing list, confirmation may be required, and Simplenews may disclose the user's e-mail address on the confirmation page. Further, due to the absence of a noindex tag, the list of e-mail addresses can subsequently be...
SA-CONTRIB-2012-077 - Advertisement - Cross Site Scripting & Information Disclosure
XSS Issue: CVE: CVE-2012-2703. Access bypass: CVE: CVE-2012-2704 This module enables you to serve advertisements, define pools of ads and show certain ads on certain pages. The module could, under certain conditions, expose limited site configuration information and a debugging mode did not...
SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS)
CVE: CVE-2012-2298 This module allows you to set a pattern for constructing "Real names" for users out of profile fields. The module does not sufficiently escape users' real names under certain circumstances which could lead to a Cross-Site Scripting XSS attack. Versions affected RealName 6.x-1.x...
SA-CONTRIB-2012-049 - ShareThis - Multiple Vulnerablies
The XSS issue is CVE: CVE-2012-2076 The CSRF issue is CVE: CVE-2012-2077 The ShareThis module allows you to display social networking tools to users. The administration forms of the module do not properly use the Form API allowing a malicious user to inject unexpected settings, allowing for...
SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution
CKEditor and its predecessor FCKeditor allow Drupal to replace textarea fields with the FCKEditor - a visual HTML WYSIWYG editor. The modules have an AJAX callback that filters text to prevent Cross site scripting attacks on content edits. This AJAX callback function contains a number of bugs whi...
DRUPAL-SA-2006-026 - Drupal core - Form action attribute injection
A malicious user may entice users to visit a specially crafted URL that may result in the redirection of Drupal form submission to a third-party site. A user visiting the user registration page via such a url, for example, will submit all data, such as his/her e-mail address, but also possible...
SA-2006-007 - Drupal Core - Revision to DRUPAL-SA-2006-006
Recently, the Drupal security team was informed of a potential exploit that would allow untrusted code to be executed upon a successful request by a malicious user. If a dynamic script with multiple extensions such as file.php.pps or file.sh.txt is uploaded and then accessed from a web browser...
Open Social - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-079
Open Social is a Drupal distribution for online communities, which ships with a default module that allows users to enroll in events. The module doesn't sufficiently protect certain routes from Cross Site Request Forgery CSRF attacks. Users can be tricked into accepting or rejecting these...
Simple XML sitemap - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-083
Simple XML sitemap is a SEO module that allows creating various XML sitemaps of the site's content and submitting them to search engines. The module doesn't sufficiently sanitize input when administering it, which leads to a Cross-site scripting XSS attack vector. This vulnerability is mitigated ...
AI (Artificial Intelligence) - Critical - Remote Code Execution - SA-CONTRIB-2025-021
The AI Automators module a submodule of AI enables you to create different automated tasks that fills out field data using LLM outputs. The module doesn't sufficiently sanitize input before passing it to the underlying shell as part of a command for execution, allowing an attacker to run arbitrar...
Open Social - Moderately critical - Information Disclosure - SA-CONTRIB-2024-005
Open Social is a Drupal distribution for online communities. The included optional socialgroupflexiblegroup module doesn't sufficiently validate group updates. The lack of validation makes it possible to have content inside the group changing it's visibility, which could lead to that content bein...
Two-factor Authentication (TFA) - Moderately critical - Access bypass - SA-CONTRIB-2024-003
This module enables you to allow and/or require users to use a second authentication method in addition to password authentication. In some cases, the module allows users to log in with an authentication plugin that an administrator has disabled. This vulnerability is mitigated by the fact that a...
GraphQL - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2023-051
The GraphQL module enables you to build GraphQL APIs which can include data fetching through Queries and data updates create, update, delete through mutations. The module does not sufficiently validate incoming requests that are made from domains other than the one serving the GraphQL endpoint. I...
Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-002
The Media module does not properly check entity access in some circumstances. This may result in users seeing thumbnails of media items they do not have access to, including for private files. This release was coordinated with SA-CONTRIB-2023-010. This advisory is not covered by Drupal Steward...
CKEditor 4 - WYSIWYG HTML editor - Moderately critical - Cross site scripting - SA-CONTRIB-2020-007
The CKEditor module and its predecessor, FCKeditor module allows Drupal to replace textarea fields with CKEditor 3.x/4.x FCKeditor 2.x in case of FCKeditor module - a visual HTML editor, sometimes called WYSIWYG editor. Due to the usage of the JavaScript eval function on non-filtered data in admi...
Search Autocomplete - Moderately critical - Cross Site Scripting - SA-CONTRIB-2018-070
This Search Autocomplete module enables you to autocomplete textfield using data from your website nodes, comments, etc... The module doesn't sufficiently filter user-entered text among the autocompletion items leading to a Cross Site Scripting XSS vulnerability. This vulnerability can be exploit...
CKEditor Upload Image - Critical - Access bypass - SA-CONTRIB-2018-014
This module enables you to drag and drop or paste images into CKEditor. The module does not sufficiently verify users permissions, which leads to anonymous users being able to upload files to the server...
PRLP - Critical - Access Bypass and Privilege Escalation - SA-CONTRIB-2017-030
This module adds a form on the password-reset-landing page to allow changing the password of the user during the log in process. The module does not sufficiently validate all access tokens, which allows an attacker to change the password of any arbitrary user and gain access to their account. In...
OpenLucius - Moderately Critical - Multiple vulnerabilities - SA-CONTRIB-2017-004
OpenLucius is a work management platform for social communication, documentation, and projects. The distribution doesn't sufficiently use tokens when marking messages for users as read thereby exposing a Cross Site Request Forgery CSRF vulnerability. The distribution does not sufficiently filter...
Values - Critical - Arbitrary PHP code execution - SA-CONTRIB-2015-172
This module enables you to create key|value pairs for use in list fields, webforms etc. The module includes an import page that runs eval on an exported code block ctools, but the permission for the page does not warn about security concerns of importing raw php code like this trusted permission...
Login Disable - Access Bypass - Moderately Critical - SA-CONTRIB-2015-162
This module enables you to prevent existing users from logging in to your Drupal site unless they know the secret key to add to the end of the ?q=user login form page. The Login Disable module doesn't support other contributed user authentication modules like CAS or URL Login. When combined with...
Content Construction Kit (CCK) - Less Critical - Open Redirect - SA-CONTRIB-2015-126
The Content Construction Kit CCK project is a set of modules that allows you to add custom fields to nodes using a web browser. CCK uses a "destinations" query string parameter in URLs to redirect users to new destinations after completing an action on a few administration pages. Under certain...
Acquia Cloud Site Factory Connector - Less Critical - Open Redirect - SA-CONTRIB-2015-125
Acquia Cloud Site Factory provides an environment and a robust set of tools that simplify management of many Drupal sites, allowing you to quickly deliver and manage any number of websites. The module ships with a modified version of the core Overlay JavaScript file, which is vulnerable to an ope...
HTTP Strict Transport Security - Moderately Critical - Logical Error - SA-CONTRIB-2015-118
The contributed HSTS module makes it easy for site administrators to implement HTTP Strict Transport Security HSTS by setting the Strict-Transport-Security header on each page generated by Drupal. HSTS module provides a configuration UI for the HSTS "include subdomains" directive, which indicates...
jQuery Update - Less Critical - Open Redirect - SA-CONTRIB-2015-123
The jQuery Update module enables you to update jQuery on your site. The module ships with a modified version of the core Overlay JavaScript file, which is vulnerable to an open redirect attack see SA-CORE-2015-002. Only sites with the Overlay module enabled are vulnerable. CVE identifiers issued...
Novalnet Payment Module Drupal Commerce - Critical - SQL Injection - Unsupported - SA-CONTRIB-2015-117
This module enables you add the Novalnet payment service provider to Drupal Commerce. The module fails to sanitize a database query by not using the database API properly, thereby leading to a SQL Injection vulnerability. Since the affected path is not protected against CSRF, a malicious user can...
Ubercart Webform Checkout Pane - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-087
Ubercart Webform Checkout Pane module allows you to define Webform nodes as checkout/order panes in Ubercart. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an...
SA-CONTRIB-2015-047 - Panopoly Magic - Cross Site Scripting (XSS)
This module enables live previews of Panels panes in the modal dialog for adding or editing them. The module doesn't sufficiently filter the pane title when re-rendering the live preview. This vulnerability is mitigated by the fact that an attacker must have permission to add or edit Panels panes...
SA-CONTRIB-2015-048 - Avatar Uploader - Arbitrary PHP code execution
Avatar Uploader module provides an alternative way to upload user pictures. The module doesn't sufficiently enforce file extensions when an avatar is uploaded, allowing users to bypass Drupal's normal file upload protections to install malicious HTML or executable code to the server. This...