oss-security - Re: CVE Request for Drupal Contributed Modules

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Message-ID: <512EBECC.60709@redhat.com>
Date: Wed, 27 Feb 2013 19:19:56 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Forest Monsen <forest.monsen@...il.com>
Subject: Re: CVE Request for Drupal Contributed Modules

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/27/2013 03:19 PM, Forest Monsen wrote:
> Hi Kurt,
> 
> I'd like to request CVE identifiers for several issues in
> contributed modules:

Top posting, lazy, etc.

CVE-2013-1778 Drupal SA-CONTRIB-2013-024 - Creative Theme - Cross Site
Scripting (XSS)

CVE-2013-1779 Drupal SA-CONTRIB-2013-025 - Fresh Theme - Cross Site
Scripting (XSS)

CVE-2013-1780 Drupal SA-CONTRIB-2013-026 - Best Responsive Theme -
Cross Site Scripting (XSS)

CVE-2013-1781 Drupal SA-CONTRIB-2013-027 - Professional theme - Cross
Site Scripting (XSS)

CVE-2013-1782 Drupal SA-CONTRIB-2013-028 - Responsive Blog Theme -
Cross Site Scripting (XSS)

CVE-2013-1783 Drupal SA-CONTRIB-2013-029 - Business theme - Cross Site
Scripting (XSS)

CVE-2013-1784 Drupal SA-CONTRIB-2013-030 - Clean Theme - Cross Site
Scripting (XSS)

CVE-2013-1785 Drupal SA-CONTRIB-2013-031 - Premium Responsive theme -
Cross Site Scripting (XSS)

CVE-2013-1786 Drupal SA-CONTRIB-2013-032 - Company theme - Cross Site
Scripting (XSS)

CVE-2013-1787 Drupal SA-CONTRIB-2013-033 - Simple Corporate theme -
Cross Site Scripting (XSS)

> SA-CONTRIB-2013-024 - Creative Theme - Cross Site Scripting (XSS) 
> http://drupal.org/node/1929474
> 
> SA-CONTRIB-2013-025 - Fresh Theme - Cross Site Scripting (XSS) 
> http://drupal.org/node/1929482
> 
> SA-CONTRIB-2013-026 - Best Responsive Theme - Cross Site Scripting
> (XSS) http://drupal.org/node/1929484
> 
> SA-CONTRIB-2013-027 - Professional theme - Cross Site Scripting
> (XSS) http://drupal.org/node/1929486
> 
> SA-CONTRIB-2013-028 - Responsive Blog Theme - Cross Site Scripting
> (XSS) http://drupal.org/node/1929488
> 
> SA-CONTRIB-2013-029 - Business theme - Cross Site Scripting (XSS) 
> http://drupal.org/node/1929496
> 
> SA-CONTRIB-2013-030 - Clean Theme - Cross Site Scripting (XSS) 
> http://drupal.org/node/1929500
> 
> SA-CONTRIB-2013-031 - Premium Responsive theme - Cross Site
> Scripting (XSS) http://drupal.org/node/1929508
> 
> SA-CONTRIB-2013-032 - Company theme - Cross Site Scripting (XSS) 
> http://drupal.org/node/1929512
> 
> SA-CONTRIB-2013-033 - Simple Corporate theme - Cross Site Scripting
> (XSS) http://drupal.org/node/1929514
> 
> Thanks! Forest
> 

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRLr7MAAoJEBYNRVNeJnmTvVgQAJLPqEWbzGuJ0ozs9Y0rAP5h
Ez7opdb/ZZVaIC6hZ7q7Bjsnww9N2fGAvd+rTbo/Nbpmu2jHb3gwB/C52FtC6d1Q
nALg/ZbC/VJ776QjVL21iRQq/lR0y8BIH4JKWPMiF5Ir1lKfAE3VAQnMbTB4s3GE
IyGVDct+vkMVWpr1SfXCOk0Bn/+pzF6S7pwqAGdWgVluYAgFmUZoRSnZpYJiRGQu
OhjbZPqx6NSJ2sl880cZhMfOsOyscNdWjnoARokwxtqlYuf6MfDxj0S2jda409mf
z4XBsy+JS3bk09hy6faWT1EsN9fCGrnlYwzK9o0XlMO1/UACsAN050Ia++c6z43o
Nuz565BKTQgr7PIYD47kMTesHzchXmtFbXB0jeELpkqKrE+7u6+GjtNlzgo4ysE8
3evFe603ofmUdhQB9vv3h9NeLFFKWDyaxd2p7GMaEEqx4siivH4tUrJgHN3QajrK
lni7dLTtzHsgBC7Rv5gFVO9TrJth8zpltG6sQzlslFFaS+acGkxnq1iMwS78EcOa
GP4LV+6eEr9eGNySKDABDKsRp7MwuALneJF4JeN1NozsKG6HWyE/+b8jUYuJCwVe
DEWc4wo7c+OllN0QcCx/k5tmxz2mfLi6LBPVGBg1qEnFeFvOENH3VrTcmSYjBq00
mq9W2kmQnCo/iNISqEcv
=i0PB
-----END PGP SIGNATURE-----

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.