CVE-2016-9451

描述

Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors.

受影響套件(1)

• Packagist/drupal/core>= 7.0, < 7.52

CVSS 分數

參考連結(5)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2016-9451
• PATCHhttps://github.com/drupal/core
• WEBhttps://www.drupal.org/SA-CORE-2016-005
• WEBhttp://www.debian.org/security/2016/dsa-3718
• WEBhttp://www.securityfocus.com/bid/94367