Drupal Webmail Plus third party module version 6.x suffers from a remote SQL injection vulnerability.
6fa3935c9e1b5fd40c0dc10a06f1425b572bff4c3acc8054a6de33b5695f47a8
Drupal Organic Groups third party module version 6.x suffers from access bypass and cross site scripting vulnerabilities.
b56a43fd6cb4f6b56f362161245de3105f1a148e93042618473ddbf92210cccc