Description

Open redirect vulnerability in the Field UI module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destinations parameter.

Remediation

References

CVE-2015-3232

Related Vulnerabilities

MySQL CVE-2020-14794 Vulnerability (CVE-2020-14794)

MODX Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-25911)

Internet Information Services Other Vulnerability (CVE-1999-0450)

WordPress Plugin Tabs-Responsive Tabs with WooCommerce Product Tab Extension Security Bypass (3.5.4)

WordPress Plugin ThemeGrill Demo Importer Security Bypass (1.6.1)

Severity

Medium

Classification

CVE-2015-3232

Tags

Missing Update Known Vulnerabilities