Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CABbbngC3h1YMC+WNu9V9KN6dPJbJhxHdEEadcf+eJfRRwCjYCQ@mail.gmail.com>
Date: Sat, 2 Nov 2013 22:37:02 -0700
From: Forest Monsen <forest.monsen@...il.com>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
Cc: Kurt Seifried <kseifried@...hat.com>
Subject: CVE request for Drupal contributed modules

Hi there! I'd like to request CVE identifiers for:

SA-CONTRIB-2013-081 - Spaces - Access bypass
https://drupal.org/node/2118717

SA-CONTRIB-2013-082 - Bean - Cross Site Scripting (XSS)
https://drupal.org/node/2118873

SA-CONTRIB-2013-083 - Quiz - Access Bypass
https://drupal.org/node/2123995
(This appears to me to be two issues; an access bypass, and an access
bypass leading to information disclosure.)

SA-CONTRIB-2013-084 - FileField Sources - Access Bypass
https://drupal.org/node/2124241

SA-CONTRIB-2013-085 - Feed Element Mapper - Cross Site Scripting
https://drupal.org/node/2124279

SA-CONTRIB-2013-086 - Monster Menus - Access bypass
https://drupal.org/node/2124289

Thanks!
Forest

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.