Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 21 Aug 2015 19:53:29 +0200
From: Pere Orga <>
Cc: Drupal Security Team <>
Subject: CVEs requests for Drupal Core (SA-CORE-2015-003)


Please can I have CVE IDs assigned to the following vulnerabilities:

Cross-site Scripting - Ajax system - Drupal 7
Cross-site Scripting - Autocomplete system - Drupal 6 and 7
SQL Injection - Database API - Drupal 7
Cross-site Request Forgery - Form API - Drupal 6 and 7
Information Disclosure in Menu Links - Access system - Drupal 6 and 7

See for details.


Pere Orga on behalf of the Drupal Security Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ