oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 08 Mar 2010 20:36:55 +0100
Hi Steve, vendors,

  multiple security issues have been addressed within SA-CORE-2010-001:

* Installation cross site scripting
* Open redirection
* Locale module cross site scripting
* Blocked user session regeneration

References:
  [1] http://drupal.org/node/731710
  [2] http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036472.html
  [3] http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036619.html
  [4] http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036583.html

Could you allocate CVE ids for these?

Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: