[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 4 Jul 2015 21:55:06 +0200
From: Pere Orga <pere@...a.cat>
To: oss-security@...ts.openwall.com
Cc: Security Team <security@...pal.org>
Subject: CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100
to SA-CONTRIB-2015-131)
Hi
Please can I have CVEs assigned to the following vulnerabilities:
Camtasia Relay - Cross Site Scripting (XSS) - SA-CONTRIB-2015-100
https://www.drupal.org/node/2480241
MailChimp - Cross Site Scripting (XSS) - SA-CONTRIB-2015-101
https://www.drupal.org/node/2480253
Smart Trim - Cross Site Scripting (XSS) - SA-CONTRIB-2015-102
https://www.drupal.org/node/2480321
Views - Access Bypass - SA-CONTRIB-2015-103
https://www.drupal.org/node/2480327
Dynamic display block - Access bypass - SA-CONTRIB-2015-104
https://www.drupal.org/node/2484157
Video Consultation - Cross Site Scripting (XSS) - SA-CONTRIB-2015-105
https://www.drupal.org/node/2484195
Entityform Block - Access Bypass - SA-CONTRIB-2015-106
https://www.drupal.org/node/2484169
Webform Matrix Component - Cross Site Scripting (XSS) - SA-CONTRIB-2015-107
https://www.drupal.org/node/2484231
Mobile sliding menu - Cross Site Scripting (XSS) - SA-CONTRIB-2015-108
https://www.drupal.org/node/2484233
pass2pdf - Information Disclosure - SA-CONTRIB-2015-109
https://www.drupal.org/node/2492205
Web Links - Cross Site Scripting (XSS) - SA-CONTRIB-2015-110
https://www.drupal.org/node/2492209
Shipwire - Cross Site Scripting (XSS) - SA-CONTRIB-2015-111
https://www.drupal.org/node/2492243
Navigate - Access Bypass - SA-CONTRIB-2015-112
Navigate - Cross-site scripting - SA-CONTRIB-2015-112
https://www.drupal.org/node/2492245
Aegir - Code Execution Prevention - SA-CONTRIB-2015-113
https://www.drupal.org/node/2492317
Storage API - Access Bypass - SA-CONTRIB-2015-114
https://www.drupal.org/node/2495903
Chamilo integration - Open Redirect - SA-CONTRIB-2015-115
https://www.drupal.org/node/2495931
Novalnet Payment Module Ubercart - SQL Injection - SA-CONTRIB-2015-116
https://www.drupal.org/node/2499787
Novalnet Payment Module Drupal Commerce - SQL Injection - SA-CONTRIB-2015-117
https://www.drupal.org/node/2499791
HTTP Strict Transport Security - Logical Error - SA-CONTRIB-2015-118
https://www.drupal.org/node/2507563
Apache Solr Real-Time - Access Bypass - SA-CONTRIB-2015-119
https://www.drupal.org/node/2507581
Inline Entity Form - Cross Site Scripting (XSS) - SA-CONTRIB-2015-120
https://www.drupal.org/node/2507605
The eXtensible Catalog (XC) Drupal Toolkit - Cross Site Request
Forgery (CSRF) - SA-CONTRIB-2015-121
https://www.drupal.org/node/2507619
Administration Views - Access Bypass - SA-CONTRIB-2015-122
https://www.drupal.org/node/250764
jQuery Update - Open Redirect - SA-CONTRIB-2015-123
https://www.drupal.org/node/2507729
LABjs - Open Redirect - SA-CONTRIB-2015-124
https://www.drupal.org/node/2507735
Acquia Cloud Site Factory Connector - Open Redirect - SA-CONTRIB-2015-125
https://www.drupal.org/node/2507741
Content Construction Kit (CCK) - Open Redirect - SA-CONTRIB-2015-126
https://www.drupal.org/node/2507753
HybridAuth Social Login - Access bypass - SA-CONTRIB-2015-127
https://www.drupal.org/node/2511410
me aliases - Access Bypass - SA-CONTRIB-2015-128
https://www.drupal.org/node/2511424
Shibboleth authentication - Cross Site Scripting (XSS) - SA-CONTRIB-2015-129
https://www.drupal.org/node/2511518
Migrate - Cross Site Scripting (XSS) - SA-CONTRIB-2015-130
https://www.drupal.org/node/2516678
Views Bulk Operations - Access Bypass - SA-CONTRIB-2015-131
https://www.drupal.org/node/2516688
Regards
Pere Orga on behalf of the Drupal Security Team
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
