Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 4 Jul 2015 21:55:06 +0200
From: Pere Orga <>
Cc: Security Team <>
Subject: CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100
 to SA-CONTRIB-2015-131)


Please can I have CVEs assigned to the following vulnerabilities:

Camtasia Relay - Cross Site Scripting (XSS) - SA-CONTRIB-2015-100

MailChimp - Cross Site Scripting (XSS) - SA-CONTRIB-2015-101

Smart Trim - Cross Site Scripting (XSS) - SA-CONTRIB-2015-102

Views - Access Bypass - SA-CONTRIB-2015-103

Dynamic display block - Access bypass - SA-CONTRIB-2015-104

Video Consultation - Cross Site Scripting (XSS) - SA-CONTRIB-2015-105

Entityform Block - Access Bypass - SA-CONTRIB-2015-106

Webform Matrix Component - Cross Site Scripting (XSS) - SA-CONTRIB-2015-107

Mobile sliding menu - Cross Site Scripting (XSS) - SA-CONTRIB-2015-108

pass2pdf - Information Disclosure - SA-CONTRIB-2015-109

Web Links - Cross Site Scripting (XSS) - SA-CONTRIB-2015-110

Shipwire - Cross Site Scripting (XSS) - SA-CONTRIB-2015-111

Navigate - Access Bypass - SA-CONTRIB-2015-112
Navigate - Cross-site scripting - SA-CONTRIB-2015-112

Aegir - Code Execution Prevention - SA-CONTRIB-2015-113

Storage API - Access Bypass - SA-CONTRIB-2015-114

Chamilo integration - Open Redirect - SA-CONTRIB-2015-115

Novalnet Payment Module Ubercart - SQL Injection - SA-CONTRIB-2015-116

Novalnet Payment Module Drupal Commerce - SQL Injection - SA-CONTRIB-2015-117

HTTP Strict Transport Security - Logical Error - SA-CONTRIB-2015-118

Apache Solr Real-Time - Access Bypass - SA-CONTRIB-2015-119

Inline Entity Form - Cross Site Scripting (XSS) - SA-CONTRIB-2015-120

The eXtensible Catalog (XC) Drupal Toolkit - Cross Site Request
Forgery (CSRF) - SA-CONTRIB-2015-121

Administration Views - Access Bypass - SA-CONTRIB-2015-122

jQuery Update - Open Redirect - SA-CONTRIB-2015-123

LABjs - Open Redirect - SA-CONTRIB-2015-124

Acquia Cloud Site Factory Connector - Open Redirect - SA-CONTRIB-2015-125

Content Construction Kit (CCK) - Open Redirect - SA-CONTRIB-2015-126

HybridAuth Social Login - Access bypass - SA-CONTRIB-2015-127

me aliases - Access Bypass - SA-CONTRIB-2015-128

Shibboleth authentication - Cross Site Scripting (XSS) - SA-CONTRIB-2015-129

Migrate - Cross Site Scripting (XSS) - SA-CONTRIB-2015-130

Views Bulk Operations - Access Bypass - SA-CONTRIB-2015-131

Pere Orga on behalf of the Drupal Security Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.