CVE-2015-3232

Currently unrated 🤨

Key Information

Vendor: Drupal
Status: Drupal
Vendor: CVE Published:; 22 June 2015

Summary

Open redirect vulnerability in the Field UI module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destinations parameter.

Refferences

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

http://www.debian.org/security/2015/dsa-3291

vendor-advisoryx_refsource_DEBIAN

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

https://www.drupal.org/SA-CORE-2015-002

x_refsource_CONFIRM

http://www.securityfocus.com/bid/75287

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jun 22, 2015
Vulnerability Reserved
Apr 10, 2015

Collectors

NVD DatabaseMitre Database