Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 13 Sep 2010 16:15:45 -0400 (EDT)
From: Josh Bressers <>
Subject: Re: CVE id requests: drupal

Here goes:

CVE-2010-3091 drupal OpenID authentication bypass
CVE-2010-3092 drupal File download access bypass
CVE-2010-3093 drupal Comment unpublishing bypass
CVE-2010-3094 drupal Actions cross site scripting



----- "Steffen Joeris" <> wrote:

> Hi,
> I don't think these 4 issues[0] have been assigned CVE ids yet, could
> I get 
> some?
> Cheers,
> Steffen
> [0]:
> OpenID authentication bypass
> File download access bypass
> Comment unpublishing bypass
> Actions cross site scripting

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.