August 2016

Administration Views - Critical - Access bypass

* Advisory ID: DRUPAL-SA-CONTRIB-2016-041
* Project: Administration Views (third-party module)
* Version: 7.x
* Date: 2016-August-03
* Security risk: 16/25 (Critical)
* Vulnerability: Access bypass

DESCRIPTION

Administration Views module replaces overview/listing pages with actual views
for superior usability.

The module does not check access properly under certain circumstances.
Anonymous users could get access to read information they should not have
access to.

VERSIONS AFFECTED

Google Analytics - Moderately Critical - Cross Site Scripting

* Advisory ID: DRUPAL-SA-CONTRIB-2016-042
* Project: Google Analytics
* Version: 7.x, 8.x
* Date: 2016-August-10
* Security risk: 13/25 (Moderately Critical)
* Vulnerability: Cross Site Scripting

DESCRIPTION

This module enables you to add integration with the Google Analytics statistics
service. The module allows admin users to enter custom JavaScript snippets to
add advanced tracking functionality. The permission required to enter this
JavaScript was not marked as restricted.

Piwik - Moderately Critical - Cross Site Scripting

* Advisory ID: DRUPAL-SA-CONTRIB-2016-043
* Project: Piwik Web Analytics
* Version: 7.x, 8.x
* Date: 2016-August-10
* Security risk: 13/25 (Moderately Critical)
* Vulnerability: Cross Site Scripting

DESCRIPTION

This module enables you to add integration with the Piwik statistics service.
The module allows admin users to enter custom JavaScript snippets to add
advanced tracking functionality. The permission required to enter this
JavaScript was not marked as restricted.

OAuth2 Client - Moderately Critical - Cross Site Request Forgery

* Advisory ID: DRUPAL-SA-CONTRIB-2016-044
* Project: OAuth2 Client
* Version: 7.x
* Date: 2016-August-10
* Security risk: 10/25
* Vulnerability: Cross Site Request Forgery

DESCRIPTION

This module provides an OAuth2 client.

The module does not check the validity of the state parameter during the
server-side flow before obtaining a token. This may allow a malicious user to
feed a fake access_token to another user and subsequently supply that user with
fake data from the server.
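The check the advisory says is missing, shown as an added example (not code from the OAuth2 Client module): the client mints a random state when it starts the authorization-code flow, binds it to the user's session, and refuses to exchange the code for a token unless the callback carries the same state. The in-memory session store and the stand-in token endpoint are constructed for the example.

```python
import hmac
import secrets

# Constructed stand-in for a server-side session store: session_id -> dict.
SESSIONS = {}


def begin_authorization(session_id):
    """Start the server-side (authorization code) flow: mint a random state,
    bind it to the caller's session and return the redirect parameters."""
    state = secrets.token_urlsafe(32)
    SESSIONS.setdefault(session_id, {})["oauth2_state"] = state
    return {"response_type": "code", "state": state}


def handle_callback_unchecked(session_id, params, exchange_code):
    """Weak pattern: the code is exchanged for a token without comparing the
    returned state with the one this session issued, so a callback carrying a
    code from a different flow is accepted as if it were the user's own."""
    return exchange_code(params["code"])


def handle_callback_checked(session_id, params, exchange_code):
    """Hardened pattern: reject the callback unless the state matches the value
    stored for this session; pop it so the same state cannot be replayed."""
    session = SESSIONS.get(session_id, {})
    expected = session.pop("oauth2_state", None)
    received = params.get("state")
    if expected is None or received is None:
        return None
    if not hmac.compare_digest(expected, received):
        return None
    return exchange_code(params["code"])


def fake_exchange(code):
    """Constructed token endpoint: derives a token from the code."""
    return {"access_token": "tok-" + code}


def demo():
    """Legitimate callback passes the check; a callback whose state does not
    belong to this session is refused by the checked handler only."""
    SESSIONS.clear()
    params = begin_authorization("sess-1")
    good = handle_callback_checked(
        "sess-1", {"code": "c1", "state": params["state"]}, fake_exchange)
    begin_authorization("sess-2")
    forged = {"code": "c2", "state": "state-from-another-flow"}
    weak = handle_callback_unchecked("sess-2", forged, fake_exchange)
    strict = handle_callback_checked("sess-2", forged, fake_exchange)
    return good, weak, strict
```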

Require Login - Moderately Critical - Multiple vulnerabilities

* Advisory ID: SA-CONTRIB-2016-045
* Project: Require Login
* Version: 7.x, 8.x
* Date: 2016-August-10
* Security risk: 13/25
* Vulnerability: Cross Site Scripting, Access bypass

DESCRIPTION

This module enables you to restrict site access without using user roles or
permissions.

The module does not sufficiently escape some of its settings, and, in some
cases, allows malicious users to bypass the protection offered by Require
Login.

Hosting - Less Critical - Access bypass

* Advisory ID: DRUPAL-SA-CONTRIB-2016-046
* Project: Hosting
* Version: 7.x
* Date: 2016-August-17
* Security risk: 9/25
* Vulnerability: Access bypass

DESCRIPTION

The Hosting module is a core component of the Aegir Hosting System.
This install profile, and accompanying suite of modules, is a hosting system
that sits alongside a LAMP or LEMP server to create, deploy and manage Drupal
sites.

Panelizer - Moderately Critical - Access Bypass

* Advisory ID: DRUPAL-SA-CONTRIB-2014-048
* Project: Panelizer
* Version: 7.x
* Date: 2016-August-17
* Security risk: 12/25
* Vulnerability: Access bypass

DESCRIPTION

Panelizer enables you to use Panels to replace the display of any entity, and
even modify the Panels configuration in-place using the Panels In-Place
Editor (IPE).

Workbench Scheduler - Moderately Critical - Access Bypass

* Advisory ID: DRUPAL-SA-CONTRIB-2016-049
* Project: Workbench Scheduler
* Version: 7.x
* Date: 2016-August-24
* Security risk: 13/25
* Vulnerability: Access bypass

DESCRIPTION

Workbench Scheduler module provides users with the ability to create
schedules that change moderated content from one workbench moderation state
to another.

An authenticated user could add a schedule to a node even when that content
type has schedules disabled.

Flag - Moderately Critical - Access Bypass

* Advisory ID: DRUPAL-SA-CONTRIB-2016-050
* Project: Flag
* Version: 7.x
* Date: 2016-August-31
* Security risk: 12/25 (Moderately Critical)
* Vulnerability: Information Disclosure

DESCRIPTION

Flag enables users to mark content with any number of admin-defined flags,
such as 'bookmarks' or 'spam'. Flag Bookmark is a submodule within Flag,
which provides a 'bookmarks' flag, and default views to list bookmarked
content.