Description

Open redirect vulnerability in the Field UI module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destinations parameter.

Remediation

References

CVE-2015-3232

Related Vulnerabilities

Joomla! Core 3.0.x Security Bypass (3.0.0 - 3.0.3)

Serendipity Other Vulnerability (CVE-2005-1448)

WordPress Plugin Canalplan Cross-Site Scripting (3.22)

WordPress Plugin WordPress Download Manager 'cid' Parameter Cross-Site Scripting (2.2.2)

Resin Application Server Other Vulnerability (CVE-2012-2966)

Severity

Medium

Classification

CVE-2015-3232

Tags

Missing Update Known Vulnerabilities