Description

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.24 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Remediation

References

CVE-2013-6389

Related Vulnerabilities

PHP Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2004-0594)

WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.11)

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5606)

WordPress Other Vulnerability (CVE-2007-1230)

WordPress Plugin Extra User Details Privilege Escalation (0.4.2)

Severity

Medium

Classification

CVE-2013-6389 CWE-20

Tags

Missing Update Known Vulnerabilities