[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 3 Oct 2012 18:06:22 -0600
From: Joshua Brauer <joshua@...uerranch.com>
To: kseifried@...hat.com,
oss-security@...ts.openwall.com
Subject: CVE Request for Drupal Contributed Modules
This is a batch CVE request for several already published/resolved issues with contributed modules for the Drupal project.
http://drupal.org/node/1649346 | SA-CONTRIB-2012-104 - Privatemsg - Cross Site Scripting (XSS)
http://drupal.org/node/1663306 | SA-CONTRIB-2012-105 - Hashcash - Cross Site Scripting (XSS)
http://drupal.org/node/1679412 | SA-CONTRIB-2012-106 - Listhandler - Access Bypass
http://drupal.org/node/1679422 | SA-CONTRIB-2012-107 - Search autocomplete - Access bypass
http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Arbitrary PHP code execution
http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Cross Site Scripting
http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Access bypass
http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Cross Site Request Forgery
http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - SQL Injection
http://drupal.org/node/1679466 | SA-CONTRIB-2012-109 - Restrict node page view - Access bypass
http://drupal.org/node/1679486 | SA-CONTRIB-2012-110 - Colorbox Node - Cross Site Scripting (XSS)
http://drupal.org/node/1679532 | SA-CONTRIB-2012-111 - Security Questions - Access Bypass
Thanks,
Josh - on behalf of the Drupal security team.
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
