|
Message-Id: <EB7899C0-F95C-4474-8881-4ADFA048D866@brauerranch.com> Date: Wed, 3 Oct 2012 18:06:22 -0600 From: Joshua Brauer <joshua@...uerranch.com> To: kseifried@...hat.com, oss-security@...ts.openwall.com Subject: CVE Request for Drupal Contributed Modules This is a batch CVE request for several already published/resolved issues with contributed modules for the Drupal project. http://drupal.org/node/1649346 | SA-CONTRIB-2012-104 - Privatemsg - Cross Site Scripting (XSS) http://drupal.org/node/1663306 | SA-CONTRIB-2012-105 - Hashcash - Cross Site Scripting (XSS) http://drupal.org/node/1679412 | SA-CONTRIB-2012-106 - Listhandler - Access Bypass http://drupal.org/node/1679422 | SA-CONTRIB-2012-107 - Search autocomplete - Access bypass http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Arbitrary PHP code execution http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Cross Site Scripting http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Access bypass http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Cross Site Request Forgery http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - SQL Injection http://drupal.org/node/1679466 | SA-CONTRIB-2012-109 - Restrict node page view - Access bypass http://drupal.org/node/1679486 | SA-CONTRIB-2012-110 - Colorbox Node - Cross Site Scripting (XSS) http://drupal.org/node/1679532 | SA-CONTRIB-2012-111 - Security Questions - Access Bypass Thanks, Josh - on behalf of the Drupal security team.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.