Lucene search

Veracode Vulnerability DatabaseVERACODE:30223

HistoryApr 29, 2021 - 11:52 a.m.

Open Redirection

2021-04-2911:52:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

open redirection

drupal7

insufficient validation

malicious site

vulnerable software

EPSS

0.001

Percentile

33.8%

JSON

drupal7 is vulnerable to open redirection. Insufficient validation of the destination query parameter in the drupal_goto() function allows an attacker to redirect a user to a malicious site.

References

secdb.alpinelinux.org/edge/community.yaml

secdb.alpinelinux.org/v3.11/community.yaml

secdb.alpinelinux.org/v3.12/community.yaml

secdb.alpinelinux.org/v3.13/community.yaml

www.drupal.org/sa-core-2020-003

EPSS

0.001

Percentile

33.8%

JSON

Related for VERACODE:30223