oss-sec mailing list archives
Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001
From: Henri Salo <henri () nerv fi>
Date: Mon, 28 Jun 2010 20:19:40 +0300
On Mon, 08 Mar 2010 20:36:55 +0100 Jan Lieskovsky <jlieskov () redhat com> wrote:
Hi Steve, vendors, multiple security issues have been addressed within SA-CORE-2010-001: * Installation cross site scripting * Open redirection * Locale module cross site scripting * Blocked user session regeneration References: [1] http://drupal.org/node/731710 [2] http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036472.html [3] http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036619.html [4] http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036583.html Could you allocate CVE ids for these? Thanks && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Did this get CVE-identifiers? --- Henri Salo
Current thread:
- Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001 Henri Salo (Jun 28)
- Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001 Josh Bressers (Jun 28)