Description

Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.

Remediation

References

CVE-2012-1589

Related Vulnerabilities

MySQL CVE-2021-35622 Vulnerability (CVE-2021-35622)

WordPress Plugin PowerPress Podcasting by Blubrry SQL Injection (6.0.2)

Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18625)

Joomla Other Vulnerability (CVE-2006-7008)

MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27890)

Severity

Medium

Classification

CVE-2012-1589 CWE-20

Tags

Missing Update Known Vulnerabilities