Open redirect in Drupal - #VU491
Published: September 16, 2016
Vulnerability identifier: #VU491
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-601
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Drupal
Affected software:
Drupal
Detailed vulnerability description
The vulnerability allows a remote attacker to perform open redirection attacks and steal users' credentials.
The weakness exists because the API function drupal_goto() accepts an arbitrarily provided URL as its redirect target and can therefore be abused for phishing. By supplying such a URL, a malicious user can redirect the victim to an external site of the attacker's choosing, i.e. cause an open redirect.
Successful exploitation of the vulnerability gives attackers the ability to conduct open redirection attacks and obtain user data.
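The defensive check implied by the description above, as an added example that is not Drupal's own code nor part of this advisory: a PHP routine that accepts a caller-supplied destination only if it is a site-local path, so that an externally supplied URL never reaches a redirect helper such as drupal_goto(). The function names and the sample inputs are constructed for illustration.

```php
<?php
// Added example (not Drupal core code): validate a redirect destination
// before handing it to a redirect helper such as drupal_goto().
// Returns TRUE only for paths local to this site.
function is_local_redirect_target($destination) {
  // Reject non-strings, empty values, control characters and whitespace;
  // these can break headers or be normalised away by browsers.
  if (!is_string($destination) || $destination === '' ||
      preg_match('/[\x00-\x20\x7F]/', $destination)) {
    return FALSE;
  }
  // Browsers treat "\" like "/", so "/\evil.example" becomes a
  // protocol-relative URL; parse_url() does not know that, so refuse it.
  if (strpos($destination, '\\') !== FALSE) {
    return FALSE;
  }
  // Two leading slashes is a protocol-relative URL (//host/...).
  if (substr($destination, 0, 2) === '//') {
    return FALSE;
  }
  $parts = parse_url($destination);
  if ($parts === FALSE) {
    return FALSE;  // unparseable input: fail closed
  }
  // Any scheme (http:, javascript:, ...) or authority means an external target.
  return !isset($parts['scheme']) && !isset($parts['host']) &&
         !isset($parts['user']) && !isset($parts['pass']);
}

// Wrapper that falls back to the front page instead of following an
// untrusted destination. The return value is what a real handler would
// pass to drupal_goto(); the validation is the part that matters.
function local_redirect_target($destination, $fallback = '<front>') {
  return is_local_redirect_target($destination) ? $destination : $fallback;
}

// Constructed inputs: the first two are legitimate internal paths, the
// rest are shapes an open-redirect check must refuse.
$samples = array('node/1', 'user/login?foo=bar', 'http://evil.example',
  '//evil.example/x', '/\\evil.example', 'javascript:void(0)',
  "node/1\r\nX-Injected: 1", 'http:evil.example', 'evil.example:80/x');
foreach ($samples as $s) {
  printf("%-32s -> %s\n", addcslashes($s, "\0..\37"),
    is_local_redirect_target($s) ? 'local' : 'rejected');
}
```

Only the first two inputs are reported as local; everything else falls back to the front page when passed through local_redirect_target().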
Remediation
Update 5.x to 5.22.
http://ftp.drupal.org/files/projects/drupal-5.22.tar.gz
Update 6.x to 6.16.
http://ftp.drupal.org/files/projects/drupal-6.16.tar.gz
https://www.drupal.org/node/731710