Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 20 Feb 2013 20:42:15 -0800
From: Forest Monsen <forest.monsen@...il.com>
To: Kurt Seifried <kseifried@...hat.com>
CC: oss-security@...ts.openwall.com
Subject: CVE request for Drupal Core and contributed modules

Hi Kurt,

Here's a request for CVE identifiers for several issues:

SA-CORE-2013-002 - Drupal core - Denial of service
http://drupal.org/SA-CORE-2013-002

SA-CONTRIB-2013-015 - Manager Change for Organic Groups - Cross site
scripting (XSS)
http://drupal.org/node/1916312

SA-CONTRIB-2013-016 - Banckle Chat - Access bypass - Unsupported
http://drupal.org/node/1916370

SA-CONTRIB-2013-017 - Yandex.Metrics - Cross site scripting (XSS)
http://drupal.org/node/1922400

SA-CONTRIB-2013-018 - Taxonomy Manager - Cross Site Request Forgery (CSRF)
http://drupal.org/node/1922410

SA-CONTRIB-2013-019 - Ubercart Views - Cross site scripting (XSS)
http://drupal.org/node/1922416

SA-CONTRIB-2013-020 - Ubercart - Cross site scripting (XSS)
http://drupal.org/node/1922418

SA-CONTRIB-2013-021 - Display Suite - Cross Site Scripting (XSS)
http://drupal.org/node/1922438

SA-CONTRIB-2013-022 - Menu Reference - Cross site scripting (XSS)
http://drupal.org/node/1922446

SA-CONTRIB-2013-023 - Varnish module - Cross Site Scripting (XSS)
http://drupal.org/node/1922756

Thanks!

Forest

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.