Description
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3233.
Remediation
References
Related Vulnerabilities
Drupal Core 8.5.x Cross-Site Scripting (8.5.0 - 8.5.1)
MySQL CVE-2019-2693 Vulnerability (CVE-2019-2693)
WordPress Plugin Affiliate Power-Sales Tracking for Affiliate Marketers Cross-Site Scripting (2.2.0)
Joomla Incorrect Authorization Vulnerability (CVE-2010-1435)
Joomla! Core 3.x.x Multiple Cross-Site Scripting Vulnerabilities (3.0.0 - 3.9.3)