Description
Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence.
Remediation
References
Related Vulnerabilities
WordPress Plugin User Meta Manager Multiple Vulnerabilities (3.4.6)
Sqlite Out-of-bounds Read Vulnerability (CVE-2017-10989)
WordPress Plugin Google Drive for WordPress Information Disclosure (2.2)
XOOPS Other Vulnerability (CVE-2006-5810)
WordPress Plugin Simple Yearly Archive Cross-Site Scripting (2.1.8)