Description
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3233.
Remediation
References
Related Vulnerabilities
MediaWiki Session Fixation Vulnerability (CVE-2013-4572)
MySQL CVE-2020-2904 Vulnerability (CVE-2020-2904)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1135)
MySQL CVE-2019-2530 Vulnerability (CVE-2019-2530)
WordPress Plugin Church Admin Arbitrary File Upload (1.2530)