CVE-2012-1589
EPSS 0.36%Drupal Open Redirect
Published: 5/17/2022Modified: 11/8/2023
Also known as:GHSA-wwrm-8947-4m6c
Description
Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.
Affected packages (1)
- Packagist/drupal/drupal>= 7.0, < 7.13
References (6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2012-1589
- WEBhttp://drupal.org/node/1557938
- WEBhttp://jvndb.jvn.jp/jvndb/JVNDB-2012-000045
- WEBhttp://jvn.jp/en/jp/JVN45898075/index.html
- WEBhttps://web.archive.org/web/20120507035905/http://www.securityfocus.com/bid/53365
- WEBhttps://web.archive.org/web/20150523060428/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2013:074/?name=MDVSA-2013:074