oss-sec mailing list archives

CVE request for Drupal Core and contributed modules

From: Forest Monsen <forest.monsen () gmail com>
Date: Wed, 20 Feb 2013 20:42:15 -0800

Hi Kurt,

Here's a request for CVE identifiers for several issues:

SA-CORE-2013-002 - Drupal core - Denial of service
http://drupal.org/SA-CORE-2013-002

SA-CONTRIB-2013-015 - Manager Change for Organic Groups - Cross site
scripting (XSS)
http://drupal.org/node/1916312

SA-CONTRIB-2013-016 - Banckle Chat - Access bypass - Unsupported
http://drupal.org/node/1916370

SA-CONTRIB-2013-017 - Yandex.Metrics - Cross site scripting (XSS)
http://drupal.org/node/1922400

SA-CONTRIB-2013-018 - Taxonomy Manager - Cross Site Request Forgery (CSRF)
http://drupal.org/node/1922410

SA-CONTRIB-2013-019 - Ubercart Views - Cross site scripting (XSS)
http://drupal.org/node/1922416

SA-CONTRIB-2013-020 - Ubercart - Cross site scripting (XSS)
http://drupal.org/node/1922418

SA-CONTRIB-2013-021 - Display Suite - Cross Site Scripting (XSS)
http://drupal.org/node/1922438

SA-CONTRIB-2013-022 - Menu Reference - Cross site scripting (XSS)
http://drupal.org/node/1922446

SA-CONTRIB-2013-023 - Varnish module - Cross Site Scripting (XSS)
http://drupal.org/node/1922756

Thanks!

Forest

Current thread:

CVE request for Drupal Core and contributed modules Forest Monsen (Feb 20)
- Re: CVE request for Drupal Core and contributed modules Kurt Seifried (Feb 20)