oss-sec mailing list archives
Re: CVE request: drupal 5.10/6.4
From: "Steven M. Christey" <coley () linus mitre org>
Date: Wed, 20 Aug 2008 12:04:28 -0400 (EDT)
On Fri, 15 Aug 2008, Hanno [utf-8] B??ck wrote:
http://drupal.org/node/295053
Use the following, to be filled in later: CVE-2008-3740 - first XSS CVE-2008-3741 - second XSS. This has a different root cause so is SPLIT. CVE-2008-3742 - BlogAPI file uploads CVE-2008-3743 - first CSRF, for 6.x only CVE-2008-3744 - second CSRF, for 6.x/5.x (different affected versions so SPLIT) CVE-2008-3745 - Upload module priv escalation - Steve
Current thread:
- CVE request: drupal 5.10/6.4 Hanno Böck (Aug 14)
- Re: CVE request: drupal 5.10/6.4 Steven M. Christey (Aug 20)