The AltaGrade Blog
As we are approaching the year 2020 we would like to thank you for entrusting your Drupal, Backdrop and WordPress websites to us. We appreciate your business with AltaGrade and assure you that we will deliver more convenient features to our hosting platform and better enhancements to our ticket processing and billing portal in 2020.
Projects: Multiple Date: 2019-November-13 Security risk: Critical Vulnerability: Unsupported
Drupal Security team released multiple security advisories earlier today, notifying the following contributed modules and themes have been marked as unsupported and therefore should be either fixed or uninstalled:
Project: Booking and Availability Management Tools for Drupal Date: 2019-October-16 Security risk: Moderately critical 11∕25 Vulnerability: Access Bypass
The Bat module provides a foundation through which a wide range of availability management, reservation and booking use cases can be addressed.
The routes used to view events don't sufficiently guard access for non-privileged users. Specifically, a user with the 'View own' permission for bat events can view others' events as well.
Type: Maintenance work Category: Advanced infrastructure Start: October 16, 2019 3:00 AM CEST End: October 16, 2019 3:05 AM CEST
In the above mentioned period maintenance on our European data-center will be performed. During this maintenance, the affected servers and the websites hosted accounts on them will not be available for about five minutes.
AltaGrade clients who have their projects hosted on Germany-based AltaGrade servers.
Project: Maxlength Date: 2019-October-09 Security risk: Moderately critical 13∕25 Vulnerability: Cross Site Scripting
This module enables you to set a maximum length allowed on text fields and indicate how many characters are left.
The module doesn't sufficiently filter strings leading to a Cross Site Scripting (XSS) vulnerability.