Описание
Drupal Open Redirect
Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-1589
- https://web.archive.org/web/20120507035905/http://www.securityfocus.com/bid/53365
- https://web.archive.org/web/20150523060428/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2013:074/?name=MDVSA-2013:074
- http://drupal.org/node/1557938
- http://jvn.jp/en/jp/JVN45898075/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000045
Пакеты
Наименование
drupal/drupal
composer
Затронутые версииВерсия исправления
>= 7.0, < 7.13
7.13
Связанные уязвимости
ubuntu
больше 13 лет назад
Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.
nvd
больше 13 лет назад
Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.
debian
больше 13 лет назад
Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 ...