oss-sec mailing list archives
CVE requests for Drupal core (SA-CORE-2016-005)
From: Pere Orga <pere () orga cat>
Date: Fri, 18 Nov 2016 11:22:09 +0100
Hi Please can I have CVE IDs assigned to the following Drupal vulnerabilities (see https://www.drupal.org/SA-CORE-2016-005): * Inconsistent name for term access query (Drupal 7 and Drupal 8) * Incorrect cache context on password reset page (Drupal 8) * Confirmation forms allow external URLs to be injected (Drupal 7) * Denial of service via transliterate mechanism (Drupal 8) Thanks -- Pere Orga
Current thread:
- CVE requests for Drupal core (SA-CORE-2016-005) Pere Orga (Nov 18)
- Re: CVE requests for Drupal core (SA-CORE-2016-005) cve-assign (Nov 18)