oss-security September 2010 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] CVE id requests: drupal

Re: [oss-security] CVE id requests: drupal

From: Josh Bressers <bressers_at_nospam>
Date: Mon Sep 13 2010 - 20:15:45 GMT
To: oss-security@lists.openwall.com

Here goes:

CVE-2010-3091 drupal OpenID authentication bypass
CVE-2010-3092 drupal File download access bypass
CVE-2010-3093 drupal Comment unpublishing bypass
CVE-2010-3094 drupal Actions cross site scripting

Thanks.

-- JB ----- "Steffen Joeris" <steffen.joeris@skolelinux.de> wrote: > Hi, > > I don't think these 4 issues[0] have been assigned CVE ids yet, could > I get > some? > > Cheers, > Steffen > > [0]: http://drupal.org/node/880476 > > OpenID authentication bypass > > File download access bypass > > Comment unpublishing bypass > > Actions cross site scripting