[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE id requests: drupal
From:       Josh Bressers <bressers () redhat ! com>
Date:       2010-09-13 20:15:45
Message-ID: 1998321318.2315911284408945143.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]

Here goes:

CVE-2010-3091 drupal OpenID authentication bypass
CVE-2010-3092 drupal File download access bypass
CVE-2010-3093 drupal Comment unpublishing bypass
CVE-2010-3094 drupal Actions cross site scripting

Thanks.

-- 
    JB


----- "Steffen Joeris" <steffen.joeris@skolelinux.de> wrote:

> Hi,
> 
> I don't think these 4 issues[0] have been assigned CVE ids yet, could
> I get 
> some?
> 
> Cheers,
> Steffen
> 
> [0]: http://drupal.org/node/880476
> 
> OpenID authentication bypass
> 
> File download access bypass
> 
> Comment unpublishing bypass
> 
> Actions cross site scripting
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic