Open redirect

2017-09-1316:29:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.7%

JSON

Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the “//” initial sequence.

CPENameOperatorVersion
debian_linuxeq8.0
debian_linuxeq9.0
drupaleq7.0 alpha5
drupaleq7.0 dev
drupaleq7.0 alpha7
drupaleq6.0 beta2
drupaleq6.33
drupaleq7.16
drupaleq6.0 rc2
drupaleq7.21

Name	Operator	Version
debian_linux	eq	8.0
debian_linux	eq	9.0
drupal	eq	7.0 alpha5
drupal	eq	7.0 dev
drupal	eq	7.0 alpha7
drupal	eq	6.0 beta2
drupal	eq	6.33
drupal	eq	7.16
drupal	eq	6.0 rc2
drupal	eq	7.21