Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE Request for Drupal Contributed Modules
From: Joshua Brauer <joshua () brauerranch com>
Date: Wed, 3 Oct 2012 18:06:22 -0600


This is a batch CVE request for several already published/resolved issues with contributed modules for the Drupal 
project.

http://drupal.org/node/1649346 | SA-CONTRIB-2012-104 - Privatemsg - Cross Site Scripting (XSS)
http://drupal.org/node/1663306 | SA-CONTRIB-2012-105 - Hashcash - Cross Site Scripting (XSS)
http://drupal.org/node/1679412 | SA-CONTRIB-2012-106 - Listhandler - Access Bypass
http://drupal.org/node/1679422 | SA-CONTRIB-2012-107 - Search autocomplete - Access bypass
http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Arbitrary PHP code execution
http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Cross Site Scripting
http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Access bypass
http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - Cross Site Request Forgery
http://drupal.org/node/1679442 | SA-CONTRIB-2012-108 - Drag & Drop Gallery - SQL Injection
http://drupal.org/node/1679466 | SA-CONTRIB-2012-109 - Restrict node page view - Access bypass
http://drupal.org/node/1679486 | SA-CONTRIB-2012-110 - Colorbox Node - Cross Site Scripting (XSS)
http://drupal.org/node/1679532 | SA-CONTRIB-2012-111 - Security Questions - Access Bypass

Thanks,
Josh - on behalf of the Drupal security team.





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]