oss-sec mailing list archives

CVE-request for three 2009 Joomla issues (second part)


From: Henri Salo <henri () nerv fi>
Date: Sun, 25 Dec 2011 16:37:51 +0200

Can I get three CVEs assigned for these issues:

1) "Input passed via the "HTTP_REFERER" is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site."
http://developer.joomla.org/security/news/298-20090604-core-frontend-xss-httpreferer-not-properly-filtered.html
http://osvdb.org/show/osvdb/55589

2) "Input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site."
http://developer.joomla.org/security/news/299-20090605-core-frontend-xss-phpself-not-properly-filtered.html
http://osvdb.org/show/osvdb/55590

3) "A security issue exists due to certain files missing the check for JEXEC, which can lead to the disclosure of path information."
http://developer.joomla.org/security/news/300-20090606-core-missing-jexec-check.html (different than 302-20090722-core-missing-jexec-check.html)
http://osvdb.org/show/osvdb/55591

Secunia advisory: http://secunia.com/advisories/35668/

- Henri Salo

