[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request for Drupal contributed modules
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2013-09-27 6:14:10
Message-ID: 52452232.8050907 () redhat ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/26/2013 03:21 PM, Forest Monsen wrote:
> Hi there,
>
> I'd like to request CVE identifiers for:
>
> SA-CONTRIB-2013-073 - Make Meeting Scheduler - Access Bypass
> https://drupal.org/node/2081637
>
> SA-CONTRIB-2013-074 - MediaFront - Cross Site Scripting (XSS)
> https://drupal.org/node/2087051
>
> SA-CONTRIB-2013-075 - Click2Sell - Multiple Vulnerabilities (XSS
> and CSRF) (Now marked "unsupported," and no patch provided)
> https://drupal.org/node/2087055
>
> SA-CONTRIB-2013-076 - jQuery Countdown - Cross Site Scripting
> (XSS) https://drupal.org/node/2087095
>
> SA-CONTRIB-2013-077 - Google Site Search - Cross Site Scripting
> (XSS) https://drupal.org/node/2092395
>
> Thanks!
>
> Best, Forest
Please use:
CVE-2013-4379 Drupal SA-CONTRIB-2013-073 - Make Meeting Scheduler -
Access Bypass
CVE-2013-4380 Drupal SA-CONTRIB-2013-074 - MediaFront - Cross Site
Scripting (XSS)
CVE-2013-4381 Drupal SA-CONTRIB-2013-075 - Click2Sell - Multiple
Vulnerabilities XSS
CVE-2013-4382 Drupal SA-CONTRIB-2013-075 - Click2Sell - Multiple
Vulnerabilities CSRF
CVE-2013-4383 Drupal SA-CONTRIB-2013-076 - jQuery Countdown - Cross
Site Scripting (XSS)
CVE-2013-4384 Drupal SA-CONTRIB-2013-077 - Google Site Search - Cross
Site Scripting (XSS)
- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAEBAgAGBQJSRSIyAAoJEBYNRVNeJnmT/dAP/j87eza8z/EQ1QDIXD/HYi3F
p0eXP+p8vvfQPfsDF2y3+fckmWsRuGzYDYU3Lh3Z7rbUipJkHPc+ABKfXgQWJJiN
3F0JqDBWlyz9Dih3tdXf+qX53oZ1jovhTYuBI8ktEUM4LRh0bnjFanAWumlkL2kK
GswolTCw4TK+AGtJEPTpoAa6NpMW0SzrLGwLDYtlPFqXdjr2pdXpzLDikqPiaO3P
K3c+FpM4J0AfsIdQUE3DVnm6pm+91mTzDVmGNKq48bvEAzMNw90bVPSEwWjseb8b
Z+F5IfYOGvwxrqT8SnDt3aOb9tVCYbPw++F2DmXno6JvlQiswCRhfI0U5DHLW0TK
isLHFS4HifPZk4LzZmw/jBnA8BTFDu3BXY6Rav1j0eOOa8yawAjkdi1fw60OCmmA
tcgtPzxEVs8jH0MMl2hFdQrIJY/ladh9yyBrXPBQixH4ijZth8C74Y/R6czEehl/
qSmn8zGNAWQkYPknNutb1nhthC9ho8zS3mV8ls5VQY/wCVCpLrxmKsDIn8Hi0vTL
4Khx1zXLFENd6ne0qhxlFV55/KXu1FbNfyhyBPpd20aLOLnp6LPGMj2GHztRLaZI
len35d5KzIIm+stqTNWRCpQ0cFDhGtkDElaUV78EIepH+zdhcIT83blxWmFz7RRU
kw/wIWQdbrM6QcThG5P0
=lGBK
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic