oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request for Drupal contributed modules

From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 18 Apr 2013 14:19:39 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/17/2013 02:36 PM, Forest Monsen wrote:

Hi there,

I'd like to request CVE identifiers for...

SA-CONTRIB-2013-043 - MP3 Player - Cross Site Scripting (XSS) 
http://drupal.org/node/1972804


Please use CVE-2013-1971 for this issue.


SA-CONTRIB-2013-044 - elFinder file manager - Cross Site Request
Forgery (CSRF) http://drupal.org/node/1972942


Please use CVE-2013-1972 for this issue.


SA-CONTRIB-2013-045 - Autocomplete Widgets for Text and Number
Fields - Access bypass http://drupal.org/node/1972976


Please use CVE-2013-1973 for this issue.


Thanks!

Forest




- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRcFVbAAoJEBYNRVNeJnmTTzEQANS9vYnNx7tl981gaOmOXxF9
INr6aWHA6vpa2W7Ng+CxW3FOv89U4pZj8d6Qsr/QXu0+fO/e/JmJXVEH0Uo3HCyr
KtBfeM6QPuzykvPvdSDmgVa5xbw0OuaqYImPrjpCon5DYv81EgmQTMYMscZwuxFd
bxyBDepY3wVmM6MCoQwhNQLDO4tWHSfOkJcl6akvopNebelLjPrsQ6aPiXbwd+SQ
6QdhotHijf28UXtByGP8021uKFDKz2EsGHjg/tav0LsIamhLGYntE5BMiHIhIGWq
nFknlPDpr7XqJ+kyNiVeU/bMpDdNi61sbGI/9Hzr/8enFPQvzzyD82p4SqlRUkz9
cWVDfgVKbQ/4v2K8xlv1/nXCu7KMYY0kQaQcPXixgv/9wjy/lB+iiegY2ZfweGGM
wYS5MBmIHAMuuVVF1rE6bbUQi9pYVtNEmFADrbZflQcrrvuymmDDzoXrWCjrB9Cr
8veCPUdamTb4J9o4ddovwmdOyNUKOfufDxJWyBG50H+Ylb91tzqicUPq2JofTTCB
FswCcLTqdQ0SbzYVUm/M1h1ppz5TfqOo92DNnFfefVhCRD3U2X6OPBdiXIX7DL5o
PupmCmnoMthBJBczhFg2RONA/bhzKatYGpcw7hiLh03QKg6UxTyekuL+6+SCQqwk
tygZ/0q/GPaZgtTOso+G
=qeLa
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: