Description
Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.
Remediation
References
Related Vulnerabilities
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.6)
WebLogic CVE-2020-2828 Vulnerability (CVE-2020-2828)
WordPress Plugin Coupon Creator Cross-Site Request Forgery (3.1)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0124)
WordPress Plugin Mass Delete Taxonomies Cross-Site Request Forgery (3.0.0)