Open redirect vulnerability in the Context UI module in the Context module 7.x-3.x before 7.x-3.6 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/71925 | Third Party Advisory VDB Entry |
https://www.drupal.org/node/2403351 | Patch Vendor Advisory |
https://www.drupal.org/node/2402779 | Patch |
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148782.html | Third Party Advisory |
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148800.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2015-01-15 07:59
Updated : 2016-08-23 10:28
NVD link : CVE-2015-1051
Mitre link : CVE-2015-1051
JSON object : View
CWE
Products Affected
context_project
- context
fedoraproject
- fedora