Description
Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Custom Fields Search by BestWebSoft Cross-Site Scripting (1.3.1)
WordPress Plugin Clockwork SMS Notfications Cross-Site Scripting (2.0.3)
WordPress Plugin Spectra-WordPress Gutenberg Blocks Cross-Site Scripting (1.25.5)
Joomla Improper Preservation of Permissions Vulnerability (CVE-2020-13763)
WebLogic Missing Authentication for Critical Function Vulnerability (CVE-2024-21007)