Описание
Open redirect vulnerability in the Context UI module in the Context module 7.x-3.x before 7.x-3.6 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Patch
- PatchVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:context_project:context:7.x-3.0:*:*:*:*:drupal:*:*
cpe:2.3:a:context_project:context:7.x-3.1:*:*:*:*:drupal:*:*
cpe:2.3:a:context_project:context:7.x-3.2:*:*:*:*:drupal:*:*
cpe:2.3:a:context_project:context:7.x-3.3:*:*:*:*:drupal:*:*
cpe:2.3:a:context_project:context:7.x-3.4:*:*:*:*:drupal:*:*
cpe:2.3:a:context_project:context:7.x-3.5:*:*:*:*:drupal:*:*
Конфигурация 2
Одно из
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00631
Низкий
5.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Open redirect vulnerability in the Context UI module in the Context module 7.x-3.x before 7.x-3.6 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
EPSS
Процентиль: 70%
0.00631
Низкий
5.8 Medium
CVSS2
Дефекты
NVD-CWE-Other