oss-sec mailing list archives

Re: CVE id requests: drupal

From: Josh Bressers <bressers () redhat com>
Date: Mon, 13 Sep 2010 16:15:45 -0400 (EDT)

Here goes:

CVE-2010-3091 drupal OpenID authentication bypass
CVE-2010-3092 drupal File download access bypass
CVE-2010-3093 drupal Comment unpublishing bypass
CVE-2010-3094 drupal Actions cross site scripting

Thanks.

-- 
    JB


----- "Steffen Joeris" <steffen.joeris () skolelinux de> wrote:

Hi,

I don't think these 4 issues[0] have been assigned CVE ids yet, could
I get 
some?

Cheers,
Steffen

[0]: http://drupal.org/node/880476

OpenID authentication bypass

File download access bypass

Comment unpublishing bypass

Actions cross site scripting

Current thread:

CVE id requests: drupal Steffen Joeris (Sep 10)
- Re: CVE id requests: drupal Josh Bressers (Sep 13)