Open redirect vulnerability in the Context UI module in the Context module 7.x-3.x before 7.x-3.6 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
References
Link | Resource |
---|---|
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148782.html | Third Party Advisory |
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148800.html | Third Party Advisory |
http://www.securityfocus.com/bid/71925 | Third Party Advisory VDB Entry |
https://www.drupal.org/node/2402779 | Patch |
https://www.drupal.org/node/2403351 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2015-01-15 15:59
Updated : 2024-02-28 12:20
NVD link : CVE-2015-1051
Mitre link : CVE-2015-1051
CVE.ORG link : CVE-2015-1051
JSON object : View
Products Affected
fedoraproject
- fedora
context_project
- context
CWE