[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: CVE Requests for Drupal Core - SA-CORE-2016-004
From: cve-assign () mitre ! org
Date: 2016-09-28 20:19:33
Message-ID: 20160928201933.246876C542B () smtpvmsrv1 ! mitre ! org
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
> https://www.drupal.org/SA-CORE-2016-004
> Users without "Administer comments" can set comment visibility on
> nodes they can edit
Use CVE-2016-7570.
> Cross-site Scripting in http exceptions
Use CVE-2016-7571.
> Full config export can be downloaded without administrative permissions
Use CVE-2016-7572.
- --
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJX7CVvAAoJEHb/MwWLVhi2BdYQAIBhKIpY/Uq+mCbHDidgRMra
g9tgf7Jit9kDtGhS93eafrBhFVsiZgNPa7F3kPxsVivbPL2fzyAM5QLIuh9FK9dB
PrsubVdejpqpEXTcAPvgiB1nxkqLsYqf5uFlUBSYkgDuSYdf5AVt4xZ2u7hh+PEO
zlkS3Y+8hteaR1k/Oy/LXR8+QeHYD4126AhocIEX7yooyQLEDC6zaU7BvgWVXpY3
Sv8dDMQ7eUk+UBgEfih33/+spqMrVKQJcKcIDP5yIH+hCaYTEK8atHJIIFQL1R0b
cjEshwhdDCAFnqn5qtxTdZTQlx5PZGD0aZCiuVzr/5eNE61UGnVfmkQMMu8mDJkQ
kivhXiH2A7noNPd6S3SWRbNIfP5HXta30BcSWQwZKAPERnNFbFwLs/L1Lzf7MiL1
D4Cccl+j3Bvval90rrKDYHcbavKnvLraEms5TWWUB/fwTMVUlgGstRd/RmyPRMnm
TBfsNn62LidMEDQfiJdtPgcoM6lPeEs/FxrClRu/B4FcGRYduxFOSWuLod53rr+8
TFWEsHF7+PdGiz4WjeSHMh9it8Mw15qlvcnYegsPiNkbCx0cYH4BYaPMx8oEEVNR
zf4eAfW+2ne4QaL9MiK7x/aMV+n2BkNBloYLRz5pk4exEtVmf8l0Hzh88uUtLebo
sPe3L9lN2+vXKIalxg0Q
=/g1W
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic