Author: white Date: 2009-12-23 11:00:32 +0000 (Wed, 23 Dec 2009) New Revision: 13631 Modified: data/CVE/list Log: Mark all 3 new XSS issues for drupal6 accordingly Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-23 10:37:34 UTC (rev 13630) +++ data/CVE/list 2009-12-23 11:00:32 UTC (rev 13631) @@ -73,11 +73,15 @@ CVE-2009-4372 (AlienVault Open Source Security Information Management (OSSIM) 2.1.5, ...) NOT-FOR-US: AlienVault Open Source Security Information Management CVE-2009-4371 (Cross-site scripting (XSS) vulnerability in the Locale module ...) - - drupal6 <unfixed> (low) + - drupal6 <unfixed> (low; bug #562165) + [lenny] - drupal6 <no-dsa> (Minor issue, requires auth) CVE-2009-4370 (Cross-site scripting (XSS) vulnerability in the Menu module ...) - TODO: check + - drupal6 <unfixed> (low; bug #562165) + [lenny] - drupal6 <no-dsa> (Minor issue, requires auth) CVE-2009-4369 (Cross-site scripting (XSS) vulnerability in the Contact module ...) - TODO: check + - drupal6 <unfixed> (low; bug #562165) + [lenny] - drupal6 <no-dsa> (Minor issue, requires auth) + - drupal5 <unfixed> (low) CVE-2009-4368 (Multiple unspecified vulnerabilities in Centreon before 2.1.4 have ...) NOT-FOR-US: Centreon CVE-2009-4367 (The Staging Webservice ("sitecore modules/staging/service/api.asmx") ...)