Description

Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions.

Remediation

References

CVE-2020-13662

Related Vulnerabilities

WordPress Plugin Rezgo Online Booking Multiple Cross-Site Scripting Vulnerabilities (1.8)

OpenSSL CVE-2023-5363 Vulnerability (CVE-2023-5363)

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518)

WordPress Plugin Kino Gallery TimThumb Arbitrary File Upload (1.0)

YOURLS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3783)

Severity

Medium

Classification

CVE-2020-13662 CWE-601 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities