Description
Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2019-2452 Vulnerability (CVE-2019-2452)
Oracle Database Server CVE-2011-0838 Vulnerability (CVE-2011-0838)
Drupal Core 4.6.x Multiple Vulnerabilities (4.6.0 - 4.6.3)
WordPress Plugin CalendApp Cross-Site Scripting (1.1)
WordPress Plugin Avenir-soft Direct Download Multiple Vulnerabilities (1.0)