[Full-disclosure] [Security-news] SA-CONTRIB-2012-029 - Taxonomy Views Integrator - Cross Site Scripting (XSS)

] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter

[Full-disclosure] [Security-news] SA-CONTRIB-2012-028 - Hierarchical Select - Cross Site Scripting (XSS)

://drupal.org/security-team [13] http://drupal.org/writing-secure-code [14] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-027 - Submenu Tree -Cross Site Scripting

://drupal.org/user/132729 [9] http://drupal.org/user/102818 [10] http://drupal.org/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list

[Full-disclosure] [Security-news] SA-CONTRIB-2012-026 - ZipCart - Access bypass

/security-team [14] http://drupal.org/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-024 - MediaFront - Cross Site Scripting

] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full

[Full-disclosure] [Security-news] SA-CONTRIB-2012-025 - Cool aid; Editable help messages - Multiple vulnerabilities

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia

[Full-disclosure] [Security-news] SA-CONTRIB-2012-030 - Data - Cross Site Scripting (XSS)

://drupal.org/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security

[Full-disclosure] [Security-news] SA-CONTRIB-2012-031 - Multiple Modules Unsupported - UC PayDutchGroup - Information leakage and Multisite Search sql injection

-code [12] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe

[Full-disclosure] [Security-news] SA-CONTRIB-2012-032 - Block Class - Cross Site scripting

/143552 [8] http://drupal.org/user/102818 [9] http://drupal.org/contact [10] http://drupal.org/security-team [11] http://drupal.org/writing-secure-code [12] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org

[Full-disclosure] [Security-news] SA-CONTRIB-2012-034 - Node Recommendation Cross Site Scripting (XSS)

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia

[Full-disclosure] [Security-news] SA-CONTRIB-2012-033 - Read More Link - Cross Site Scripting

://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-035 - Webform Cross Site Scripting (XSS)

://drupal.org/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full

[Full-disclosure] [Security-news] DRUPAL-PSA-2012-001 - localizations - Cross Site Scripting

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html

[Full-disclosure] [Security-news] SA-CONTRIB-2012-036 - Multiple Modules Unsupported

/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-037 - Slidebox - access bypass

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-040 - CKEditor and FCKeditor - multiple XSS, arbitrary code execution

-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure

[Full-disclosure] [Security-news] SA-CONTRIB-2012-038 - Views Language Switcher Cross Site Scripting (XSS)

] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-039 - Language Icons - Cross Site Scripting (XSS)

/security-team [14] http://drupal.org/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-041 - Fancy Slide - Cross Site Scripting (XSS)

-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [Security-news] SA-CONTRIB-2012-042 - Wishlist Cross Site Scripting (XSS)

/302225 [8] http://drupal.org/user/33718 [9] http://drupal.org/user/36762 [10] http://drupal.org/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-043 - MultiBlock - Cross Site Scripting

/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full

[Full-disclosure] [Security-news] SA-CONTRIB-2012-044 - Contact Forms - Cross Site Scripting

/383424 [8] http://drupal.org/user/29262 [9] http://drupal.org/user/36762 [10] http://drupal.org/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-045 - AddToAny - Cross Site Scripting

/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-047 - Ubercart Views - Information disclosure

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted

[Full-disclosure] [Security-news] SA-CONTRIB-2012-046 - Bundle Copy - Arbitrary Code execution

-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [Security-news] SA-CONTRIB-2012-048 - Contact Save - Cross Site Scripting

://drupal.org/user/36598 [8] http://drupal.org/contact [9] http://drupal.org/security-team [10] http://drupal.org/writing-secure-code [11] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-049 - ShareThis - Multiple Vulnerablies

://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-050 - CDN2 Video - Unsupported

/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk

[Full-disclosure] [Security-news] SA-CONTRIB-2012-053 - Organic Groups - Access Bypass

] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-054 - Chaos tool suite - Cross Site Scripting (XSS)

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia

[Full-disclosure] [Security-news] SA-CONTRIB-2012-051 - Activity - Multiple Vulnerablities

] http://drupal.org/user/36762 [9] http://drupal.org/contact [10] http://drupal.org/security-team [11] http://drupal.org/writing-secure-code [12] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-052 - Node Limit Number - Cross Site Request Forgery

://drupal.org/user/102818 [10] http://drupal.org/user/36762 [11] http://drupal.org/contact [12] http://drupal.org/security-team [13] http://drupal.org/writing-secure-code [14] http://drupal.org/security/secure-configuration ___ Security-news mailing list

[Full-disclosure] [Security-news] SA-CONTRIB-2012-055 - Fusion theme - Cross Site Scripting (XSS)

-secure-code [20] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe

[Full-disclosure] [Security-news] SA-CONTRIB-2012-056 - Janrain Engage - Sensitive Data Protection Vulnerability

[10] http://drupal.org/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman

[Full-disclosure] [Security-news] SA-CONTRIB-2012-057 - Printer, email and PDF versions - Cross Site Scripting (XSS)

/contact [15] http://drupal.org/security-team [16] http://drupal.org/writing-secure-code [17] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-058 - Fivestar - Input Validation

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia

[Full-disclosure] [Security-news] SA-CONTRIB-2012-059 - Autosave - Cross Site Scripting

/user/36762 [11] http://drupal.org/contact [12] http://drupal.org/security-team [13] http://drupal.org/writing-secure-code [14] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org

[Full-disclosure] [Security-news] SA-CONTRIB-2012-060 - Commerce Reorder - Cross Site Request Forgery

[12] http://drupal.org/security-team [13] http://drupal.org/writing-secure-code [14] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-061 - Gigya - Social optimization - Cross Site Scripting (XSS)

[14] http://drupal.org/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-062 - Creative Commons - Cross Site Scripting (XSS)

://drupal.org/user/102818 [11] http://drupal.org/contact [12] http://drupal.org/security-team [13] http://drupal.org/writing-secure-code [14] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS)

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html

[Full-disclosure] [Security-news] SA-CONTRIB-2012-064 - Ubercart - Multiple vulnerabilities

://drupal.org/writing-secure-code [18] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full

Re: [Full-disclosure] [Security-news] SA-CONTRIB-2012-063 - RealName - Cross Site Scripting (XSS)

Hi - WIll you please remove me from this list? Thank you! On Apr 25, 2012, at 12:49 PM, security-n...@drupal.org wrote: security-n...@drupal.org ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo

[Full-disclosure] [Security-news] SA-CONTRIB-2012-065 - Sitedoc - Information disclosure

/181798 [9] http://drupal.org/contact [10] http://drupal.org/security-team [11] http://drupal.org/writing-secure-code [12] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org

[Full-disclosure] [Security-news] SA-CONTRIB-2012-066 - Spaces and Spaces OG - Access Bypass

] http://drupal.org/contact [13] http://drupal.org/security-team [14] http://drupal.org/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman

[Full-disclosure] [Security-news] SA-CONTRIB-2012-067 - Linkit - Access bypass

-code [12] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe

[Full-disclosure] [Security-news] SA-CONTRIB-2012-068 - Node Gallery - Cross Site Request Forgery (CSRF) - Unsupported

://drupal.org/user/102818 [7] http://drupal.org/contact [8] http://drupal.org/security-team [9] http://drupal.org/writing-secure-code [10] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org

[Full-disclosure] [Security-news] SA-CONTRIB-2012-069 - Addressbook - Multiple vulnerabilities - Unsupported

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html

[Full-disclosure] [Security-news] SA-CONTRIB-2012-070 - Taxonomy Grid : Catalog - Cross Site Scripting (XSS) - Unsupported

://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-071 - Glossify - Cross Site Scripting (XSS) - Unsupported

-secure-code [9] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe

[Full-disclosure] [Security-news] SA-CONTRIB-2012-072 - cctags - Cross Site Scripting (XSS)

/user/36762 [13] http://drupal.org/contact [14] http://drupal.org/security-team [15] http://drupal.org/writing-secure-code [16] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org

[Full-disclosure] [Security-news] SA-CORE-2012-002 - Drupal core multiple vulnerabilities

] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter

[Full-disclosure] [Security-news] SA-CONTRIB-2012-073 - Glossary - Cross-Site Scripting (XSS)

[11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-074 - Contact Forms - Access Bypass

://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full

[Full-disclosure] [Security-news] SA-CONTRIB-2012-075 - Take Control - Cross Site Request Forgery (CSRF)

] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter

[Full-disclosure] [Security-news] SA-CONTRIB-2012-076 - Ubercart Product Keys Access Bypass

://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-77 - Advertisement - Cross Site Scripting Information Disclosure

/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We

[Full-disclosure] [Security-news] SA-CONTRIB-2012-078 - Smart Breadcrumb - Cross Site Scripting (XSS)

://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full

[Full-disclosure] [Security-news] SA-CONTRIB-2012-079 - Post Affiliate Pro - Cross Site Scripting (XSS) and Access Bypass - Unsupported

/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full

[Full-disclosure] [Security-news] SA-CONTRIB-2012-080 - Hostmaster (Aegir) - Access Bypass and Cross Site Scripting (XSS)

://drupal.org/security-team [15] http://drupal.org/writing-secure-code [16] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-081 - Aberdeen - Cross Site Scripting

://drupal.org/writing-secure-code [16] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full

[Full-disclosure] [Security-news] SA-CONTRIB-2012-082 - Zen - Cross Site Scripting

] http://drupal.org/writing-secure-code [16] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-083 - Taxonomy List - Cross Site Scripting (XSS)

/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full

[Full-disclosure] [Security-news] SA-CONTRIB-2012-084 - Search API - Cross Site Scripting (XSS)

[10] http://drupal.org/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman

[Full-disclosure] [Security-news] SA-CONTRIB-2012-085 - BrowserID - Multiple Vulnerabilities

/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We

[Full-disclosure] [Security-news] SA-CONTRIB-2012-086 - Amadou - Cross Site Scripting

/143172 [11] http://drupal.org/user/143172 [12] http://drupal.org/contact [13] http://drupal.org/security-team [14] http://drupal.org/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n

[Full-disclosure] [Security-news] SA-CONTRIB-2012-087 - Comment Moderation - Cross Site Request Forgery

/team-members [10] http://drupal.org/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-088 - Mobile Tools - Cross Site Scripting (XSS)

://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-089 - Counter - SQL Injection (unsupported)

] http://drupal.org/writing-secure-code [10] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full

[Full-disclosure] [Security-news] SA-CONTRIB-2012-090 - File depot - Session Management Vulnerability

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-091 - Token Authentication - Access bypass

] http://drupal.org/contact [9] http://drupal.org/security-team [10] http://drupal.org/writing-secure-code [11] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo

[Full-disclosure] [Security-news] SA-CONTRIB-2012-092 - Organic Groups - Cross Site Scripting (XSS) and Access Bypass

] http://drupal.org/writing-secure-code [16] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-093 - Node Embed - Access Bypass

://drupal.org/user/109890 [9] http://drupal.org/user/36762 [10] http://drupal.org/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list

[Full-disclosure] [Security-news] SA-CONTRIB-2012-094 - Maestro module - Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS)

://drupal.org/user/66894 [12] http://drupal.org/contact [13] http://drupal.org/security-team [14] http://drupal.org/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-095 - Simplenews - Information Disclosure

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-096 - Authoring HTML - Cross Site Scripting (XSS)

___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure

[Full-disclosure] [Security-news] SA-CONTRIB-2012-097 - Protest - Cross Site Scripting (XSS)

://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-098 - Janrain Capture - Open Redirect

://drupal.org/user/1350078 [9] http://drupal.org/user/49851 [10] http://drupal.org/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n

[Full-disclosure] [Security-news] SA-CONTRIB-2012-099 - Node Hierarchy - Cross Site Request Forgery (CSRF)

://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter

[Full-disclosure] [Security-news] SA-CONTRIB-2012-100 - SimpleMeta - Cross Site Request Forgery (CSRF)

/user/36762 [9] http://drupal.org/user/102818 [10] http://drupal.org/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n

[Full-disclosure] [Security-news] SA-CONTRIB-2012-101 - Protected Node - Access Bypass

://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full

[Full-disclosure] [Security-news] SA-CONTRIB-2012-102 - Ubercart AJAX Cart - Potential Disclosure of user Session ID

/contact [11] http://drupal.org/security-team [12] http://drupal.org/writing-secure-code [13] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo

[Full-disclosure] [Security-news] SA-CONTRIB-2012-103 - Global Redirect - Open Redirect

/writing-secure-code [20] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full

[Full-disclosure] [Security-news] SA-CONTRIB-2012-104 - Privatemsg - Cross Site Scripting (XSS)

://drupal.org/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-114 - Campaign Monitor - Cross Site Scripting (XSS)

-team [11] http://drupal.org/writing-secure-code [12] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-115 - Gallery formatter - Cross Site Scripting (XSS)

] http://drupal.org/contact [10] http://drupal.org/security-team [11] http://drupal.org/writing-secure-code [12] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org

[Full-disclosure] [Security-news] SA-CONTRIB-2012-116 - Subuser Cross Site Request Forgery (CSRF) and Access Bypass

/102818 [12] http://drupal.org/contact [13] http://drupal.org/security-team [14] http://drupal.org/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-117 - Location - Access Bypass

://drupal.org/contact [13] http://drupal.org/security-team [14] http://drupal.org/writing-secure-code [15] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman

[Full-disclosure] [Security-news] SA-CONTRIB-2012-118 - Secure Login - Open Redirect

___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html

[Full-disclosure] [Security-news] SA-CONTRIB-2012-119 - Excluded Users - Cross Site Scripting (XSS)

___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html

[Full-disclosure] [Security-news] SA-CONTRIB-2012-120 - Monthly Archive by Node Type - Access Bypass (unsupported)

/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-121 - Shorten URLs - Cross Site Scripting (XSS)

___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted

[Full-disclosure] [Security-news] SA-CONTRIB-2012-122 - Better Revisions - Cross Site Scripting (XSS)

://drupal.org/user/262198 [9] http://drupal.org/contact [10] http://drupal.org/security-team [11] http://drupal.org/writing-secure-code [12] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe

[Full-disclosure] [Security-news] SA-CONTRIB-2012-123 - Shibboleth authentication - Access Bypass

___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored

[Full-disclosure] [Security-news] SA-CONTRIB-2012-124 - Mime Mail - Access Bypass

/53892 [11] http://drupal.org/contact [12] http://drupal.org/security-team [13] http://drupal.org/writing-secure-code [14] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http

[Full-disclosure] [Security-news] SA-CONTRIB-2012-125 - Chaos tool suite (ctools) - Local File Inclusion and Cross Site Scripting (XSS)

___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted

[Full-disclosure] [Security-news] SA-CONTRIB-2012-126 - Hotblocks - Cross Site Scripting (XSS) and Denial of Service (DoS)

-team [11] http://drupal.org/writing-secure-code [12] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-128 - Elegant Theme - Cross Site Scripting (XSS)

-secure-code [12] http://drupal.org/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure

[Full-disclosure] [Security-news] SA-CONTRIB-2012-127 - Custom Publishing Options - Cross Site Scripting (XSS) Vulnerability

___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted

[Full-disclosure] [Security-news] SA-CONTRIB-2012-132 - Announcements - Access Bypass

/security/secure-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http

  1   2   3   >