EPSS
Percentile
33.8%
drupal7 is vulnerable to open redirection. Insufficient validation of the destination query parameter in the drupal_goto() function allows an attacker to redirect a user to a malicious site.
drupal_goto()
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.11/community.yaml
secdb.alpinelinux.org/v3.12/community.yaml
secdb.alpinelinux.org/v3.13/community.yaml
www.drupal.org/sa-core-2020-003