Description

Open redirect vulnerability in the Field UI module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destinations parameter.

Remediation

References

CVE-2015-3232

Related Vulnerabilities

MySQL CVE-2015-4904 Vulnerability (CVE-2015-4904)

WordPress Plugin NextGEN Gallery-WordPress Gallery 'nggallery-manage-gallery' HTML Injection (0.96)

WordPress Other Vulnerability (CVE-2007-1894)

MySQL CVE-2021-2021 Vulnerability (CVE-2021-2021)

WordPress Plugin Social Like Box and Page by WpDevArt Unspecified Vulnerability (0.8.39)

Severity

Medium

Classification

CVE-2015-3232

Tags

Missing Update Known Vulnerabilities