Description
Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Stock Manager Security Bypass (1.0.7)
OpenSSL Improper Input Validation Vulnerability (CVE-2013-4353)
SharePoint CVE-2020-16941 Vulnerability (CVE-2020-16941)
Grafana Insufficiently Protected Credentials Vulnerability (CVE-2022-31130)
WordPress 4.0.x Cross-Domain Flash Injection Vulnerability (4.0 - 4.0.21)