[Full-disclosure] [Security-news] SA-CONTRIB-2013-027 - Professional theme - Cross Site Scripting (XSS)

2013-02-27 Thread security-news
-configuration ___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk

[Full-disclosure] [Security-news] SA-CONTRIB-2013-032 - Company theme - Cross Site Scripting (XSS)

2013-02-27 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-030 - Clean Theme - Cross Site Scripting (XSS)

2013-02-27 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-016 - Banckle Chat - Access bypass - Unsupported

2013-02-13 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-015 - Manager Change for Organic Groups - Cross site scripting (XSS)

2013-02-13 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-011 - email2image - Access Bypass - Unsupported

2013-01-30 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-014 - Drush Debian Packaging - Information Disclosure - Unsupported

2013-01-30 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-013 - Boxes - Cross site scripting (XSS)

2013-01-30 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-012 - Google Authenticator login - Access Bypass

2013-01-30 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-006 - Video - Arbitrary Code Execution

2013-01-23 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-007 User Relationships - Cross Site Scripting (XSS)

2013-01-23 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-008 - CurvyCorners - Cross Site Scripting (XSS) - module unsupported

2013-01-23 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-009 - Keyboard Shortcut Utility - Access Bypass - module unsupported

2013-01-23 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-010 - Search API sorts - Cross Site Scripting (XSS)

2013-01-23 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-004 - Live CSS - Arbitrary Code Execution

2013-01-16 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-003 - RESTful Web Services - Cross site request forgery (CSRF)

2013-01-16 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-005 - Mark Complete Module - Cross Site Request Forgery (CSRF)

2013-01-16 Thread security-news

[Full-disclosure] [Security-news] SA-CORE-2013-001 - Drupal core - Multiple vulnerabilities

2013-01-16 Thread security-news
___ Security-news mailing list security-n...@drupal.org Unsubscribe at http://lists.drupal.org/mailman/listinfo/security-news ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia

[Full-disclosure] [Security-news] SA-CONTRIB-2013-001 - Search API - Cross Site Scripting

2013-01-09 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2013-002 - Payment - Access Bypass

2013-01-09 Thread security-news

[Full-disclosure] [Security-news] SA-CORE-2012-004 - Drupal core - Multiple vulnerabilities

2012-12-19 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-174 - Context - Information Disclosure

2012-12-19 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-173 - Nodewords: Information disclosure

2012-12-05 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-167 - Mixpanel - Cross site scripting (XSS)

2012-11-28 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-169 - Email Field - Cross Site Scripting and Access bypass

2012-11-28 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-170 - MultiLink - Access Bypass

2012-11-28 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-168 - Services - Information Disclosure

2012-11-28 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-172 - Zero Point - Cross Site Scripting (XSS)

2012-11-28 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-163 - User Read-Only - Permission escalation

2012-11-14 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-162 - RESTful Web Services - Cross site request forgery (CSRF)

2012-11-14 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-164 - Smiley module and Smileys module - Cross Site Scripting (XSS)

2012-11-14 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-165 - Chaos tool suite (ctools) - Cross Site Scripting (XSS)

2012-11-14 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-166 - Table of Contents - Access Bypass

2012-11-14 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-161 - Webform CiviCRM Integration - Access Bypass

2012-11-07 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-160 - OM Maximenu - Cross Site Scripting (XSS)

2012-11-07 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-159 - Password policy - Information leakage of hashed passwords

2012-10-31 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-157 - Time Spent - Multiple Vulnerabilities - (unsupported)

2012-10-24 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-158 - MailChimp - Cross Site Scripting (XSS)

2012-10-24 Thread security-news

[Full-disclosure] [Security-news] SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure

2012-10-17 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-152 - Feeds - Access bypass

2012-10-10 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-153 - Mandrill - Information Disclosure

2012-10-10 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-154 - Basic webmail - Multiple vulnerabilities

2012-10-10 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-155 - ShareThis - Cross Site Scripting (XSS)

2012-10-10 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-149 - Hostip - Cross Site Scripting (XSS)

2012-10-03 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-150 - Twitter Pull - Cross Site Scripting (XSS)

2012-10-03 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-151 - Commerce Extra Panes - Cross Site Request Forgery

2012-10-03 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-148 - OG - Access Bypass

2012-09-26 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-142 - Spambot - Cross Site Scripting (XSS)

2012-09-19 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-143 PRH Search - Cross Site Scripting (XSS)

2012-09-19 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-144 Fonecta verify - Cross Site Scripting (XSS)

2012-09-19 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-145 - Imagemenu - Cross Site Scripting (XSS)

2012-09-19 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-146 - Simplenews Scheduler - Arbitrary code execution

2012-09-19 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-147 - FileField Sources - Cross Site Scripting (XSS)

2012-09-19 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-140 - Inf08 - Cross Site Scripting (XSS)

2012-09-12 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-141 - Mass Contact - Access bypass

2012-09-12 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-139 - PDFThumb OS Injection

2012-09-12 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-137 - Heartbeat - Cross Site Request Forgery (CSRF) in heartbeat_comments

2012-09-05 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-138 - Exposed Filter Data - Cross Site Scripting (XSS)

2012-09-05 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-132 - Announcements - Access Bypass

2012-08-29 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-131 - Email Field - Access Bypass

2012-08-29 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-133 - Taxonomy Image - Cross Site Scripting (XSS) Arbitrary PHP code execution

2012-08-29 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-130 - Jstool - Multiple Vulnerabilities

2012-08-29 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-129 - Activism - Access Bypass

2012-08-29 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-134 - Views - Privilege Escalation

2012-08-29 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-135 - CAPTCHA - Insufficient anti-automation prevention

2012-08-29 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-136 - Apache Solr Search Autocomplete - Cross Site Scripting (XSS)

2012-08-29 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-126 - Hotblocks - Cross Site Scripting (XSS) and Denial of Service (DoS)

2012-08-15 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-128 - Elegant Theme - Cross Site Scripting (XSS)

2012-08-15 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-127 - Custom Publishing Options - Cross Site Scripting (XSS) Vulnerability

2012-08-15 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-121 - Shorten URLs - Cross Site Scripting (XSS)

2012-08-08 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-122 - Better Revisions - Cross Site Scripting (XSS)

2012-08-08 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-123 - Shibboleth authentication - Access Bypass

2012-08-08 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-124 - Mime Mail - Access Bypass

2012-08-08 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-125 - Chaos tool suite (ctools) - Local File Inclusion and Cross Site Scripting (XSS)

2012-08-08 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-119 - Excluded Users - Cross Site Scripting (XSS)

2012-08-01 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-120 - Monthly Archive by Node Type - Access Bypass (unsupported)

2012-08-01 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-115 - Gallery formatter - Cross Site Scripting (XSS)

2012-07-25 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-116 - Subuser Cross Site Request Forgery (CSRF) and Access Bypass

2012-07-25 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-117 - Location - Access Bypass

2012-07-25 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-118 - Secure Login - Open Redirect

2012-07-25 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-114 - Campaign Monitor - Cross Site Scripting (XSS)

2012-07-19 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-104 - Privatemsg - Cross Site Scripting (XSS)

2012-06-20 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-098 - Janrain Capture - Open Redirect

2012-06-13 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-099 - Node Hierarchy - Cross Site Request Forgery (CSRF)

2012-06-13 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-100 - SimpleMeta - Cross Site Request Forgery (CSRF)

2012-06-13 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-101 - Protected Node - Access Bypass

2012-06-13 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-102 - Ubercart AJAX Cart - Potential Disclosure of user Session ID

2012-06-13 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-103 - Global Redirect - Open Redirect

2012-06-13 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-091 - Token Authentication - Access bypass

2012-06-06 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-092 - Organic Groups - Cross Site Scripting (XSS) and Access Bypass

2012-06-06 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-093 - Node Embed - Access Bypass

2012-06-06 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-094 - Maestro module - Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS)

2012-06-06 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-095 - Simplenews - Information Disclosure

2012-06-06 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-096 - Authoring HTML - Cross Site Scripting (XSS)

2012-06-06 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-097 - Protest - Cross Site Scripting (XSS)

2012-06-06 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-086 - Amadou - Cross Site Scripting

2012-05-30 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-087 - Comment Moderation - Cross Site Request Forgery

2012-05-30 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-088 - Mobile Tools - Cross Site Scripting (XSS)

2012-05-30 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-089 - Counter - SQL Injection (unsupported)

2012-05-30 Thread security-news

[Full-disclosure] [Security-news] SA-CONTRIB-2012-090 - File depot - Session Management Vulnerability

2012-05-30 Thread security-news
