Description
Open redirect vulnerability in the Field UI module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destinations parameter.
Remediation
References
Related Vulnerabilities
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2026-29169)
Roundcube Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4076)
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Multiple Vulnerabilities (4.3.1)
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2026-34032)
WordPress Plugin Contact Form Manager Multiple Cross-Site Scripting Vulnerabilities (1.4.1)