Project Management

In this week’s Drupalize.Me podcast, hostess Amber Matz chats about all things Project Management with Seth Brown (COO at Lullabot) and Lullabot Technical Project Managers Jessica Mokrzecki and Jerad Bitner. To continue the conversation, check out Drupalize.Me’s series on Project Management featuring interviews and insights[…]

Drupal Core – Critical – Multiple Vulnerabilities – SA-CORE-2015-002

Advisory ID: DRUPAL-SA-CORE-2015-002 Project: Drupal core Version: 6.x, 7.x Date: 2015-June-17 Security risk: 15/25 ( Critical) AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Access bypass, Information Disclosure, Open Redirect, Multiple vulnerabilities Description Impersonation (OpenID module – Drupal 6 and 7 – Critical) A vulnerability was found in the OpenID module[…]

Drupal Core – Moderately Critical – Multiple Vulnerabilities – SA-CORE-2015-001

Advisory ID: DRUPAL-SA-CORE-2015-001 Project: Drupal core Version: 6.x, 7.x Date: 2015-March-18 Security risk: 14/25 ( Moderately Critical) AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Access bypass, Open Redirect, Multiple vulnerabilities Description Access bypass (Password reset URLs – Drupal 6 and 7) Password reset URLs can be forged under certain circumstances,[…]

Drupal Core – Moderately Critical – Multiple Vulnerabilities – SA-CORE-2014-006

Advisory ID: DRUPAL-SA-CORE-2014-006 Project: Drupal core Version: 6.x, 7.x Date: 2014-November-19 Security risk: 14/25 ( Moderately Critical) AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:Uncommon Vulnerability: Multiple vulnerabilities Description Session hijacking (Drupal 6 and 7) A specially crafted request can give a user access to another user’s session, allowing an attacker to[…]