Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 21 Aug 2015 19:53:29 +0200
From: Pere Orga <pere@...a.cat>
To: oss-security@...ts.openwall.com
Cc: Drupal Security Team <security@...pal.org>
Subject: CVEs requests for Drupal Core (SA-CORE-2015-003)

Hi

Please can I have CVE IDs assigned to the following vulnerabilities:

Cross-site Scripting - Ajax system - Drupal 7
Cross-site Scripting - Autocomplete system - Drupal 6 and 7
SQL Injection - Database API - Drupal 7
Cross-site Request Forgery - Form API - Drupal 6 and 7
Information Disclosure in Menu Links - Access system - Drupal 6 and 7

See https://www.drupal.org/SA-CORE-2015-003 for details.

Thanks

Regards
Pere Orga on behalf of the Drupal Security Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ