The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Drupal Modules ~ not comprehensive

Drupal CKEditor: Cross Site Scripting via Admin Section
An attacker can trigger a Cross Site Scripting via Admin Section of Drupal CKEditor, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2020-007, VIGILANCE-VUL-31825
Drupal Views Bulk Operations: privilege escalation via hook_action_info_alter
An attacker can bypass restrictions via hook_action_info_alter of Drupal Views Bulk Operations, in order to escalate his privileges...
DRUPAL-SA-CONTRIB-2020-003, VIGILANCE-VUL-31532
Drupal SpamSpan: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal SpamSpan, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2020-002, VIGILANCE-VUL-31416
Drupal Radix: Cross Site Scripting via Menu Titles Dropdown
An attacker can trigger a Cross Site Scripting via Menu Titles Dropdown of Drupal Radix, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2020-001, VIGILANCE-VUL-31346
Drupal Permissions by Term: information disclosure
An attacker can bypass access restrictions to data of Drupal Permissions by Term, in order to obtain sensitive information...
DRUPAL-SA-CONTRIB-2019-095, VIGILANCE-VUL-31138
Drupal Modal Page: privilege escalation
An attacker can bypass restrictions of Drupal Modal Page, in order to escalate his privileges...
DRUPAL-SA-CONTRIB-2019-094, VIGILANCE-VUL-31137
Drupal Taxonomy Access Fix: privilege escalation
An attacker can bypass restrictions of Drupal Taxonomy Access Fix, in order to escalate his privileges...
DRUPAL-SA-CONTRIB-2019-093, VIGILANCE-VUL-31136
Drupal Smart Trim: Cross Site Scripting via Text Summary Fields
An attacker can trigger a Cross Site Scripting via Text Summary Fields of Drupal Smart Trim, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2019-092, VIGILANCE-VUL-31135
Drupal Booking and Availability Management Tools: information disclosure via Bat Events
An attacker can bypass access restrictions to data via Bat Events of Drupal Booking and Availability Management Tools, in order to obtain sensitive information...
DRUPAL-SA-CONTRIB-2019-074, VIGILANCE-VUL-30645
Drupal Maxlength: Cross Site Scripting via Filter
An attacker can trigger a Cross Site Scripting via Filter of Drupal Maxlength, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2019-073, VIGILANCE-VUL-30567
Our database contains other pages. You can request a free trial to read them.

Display information about Drupal Modules ~ not comprehensive: