Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 11 Jan 2016 23:10:30 +0100
From: Pere Orga <>
Cc: Drupal Security Team <>
Subject: CVE requests for Drupal contributed modules


Please can I have CVE IDs assigned to the following vulnerabilities:

SA-CONTRIB-2015-157 - Twilio - Moderately Critical - Access bypass

SA-CONTRIB-2015-160 - Webform CiviCRM Integration - Moderately
Critical - Cross Site Scripting (XSS)

SA-CONTRIB-2015-166 - Encrypt - Moderately Critical - Weak Encryption

SA-CONTRIB-2015-167 - RESTful - Less Critical - Access bypass

SA-CONTRIB-2015-170 - Apache Solr Search - Moderately Critical - Access Bypass

SA-CONTRIB-2015-173 - Select2 Field Widget - Critical - Cross Site
Scripting (XSS)

SA-CONTRIB-2015-174 - Open Atrium - Critical - Cross Site Scripting (XSS)

SA-CONTRIB-2015-175 - Block Class - Critical - Cross Site Scripting (XSS)


Pere Orga on behalf of the Drupal Security team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ