Author: nion Date: 2009-07-24 21:34:40 +0000 (Fri, 24 Jul 2009) New Revision: 12406 Modified: data/CVE/list Log: new drupal6 issue non-issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-07-24 21:19:10 UTC (rev 12405) +++ data/CVE/list 2009-07-24 21:34:40 UTC (rev 12406) @@ -1,3 +1,8 @@ +CVE-2009-XXXX [XSS in drupal 6 calendar field] + - drupal6 <unfixed> (unimportant) + NOTE: you need to be able to create new calendar items, e.g. admistrative + NOTE: access in order to exploit that + NOTE: http://lists.grok.org.uk/pipermail/full-disclosure/2009-July/069849.html CVE-2009-2584 (Off-by-one error in the options_write function in ...) - linux-2.6 <unfixed> (low) - linux-2.6.24 <removed>