Open Redirect Vulnerability in Drupal Core by Drupal
CVE-2020-13662

6.1MEDIUM

Key Information:

Vendor: Drupal
Status: Drupal Core
Vendor: CVE Published:; 5 May 2021

What is CVE-2020-13662?

An open redirect vulnerability in Drupal Core can allow an attacker to deceive users into clicking on a crafted link that redirects them to an arbitrary external URL. This manipulation can facilitate phishing attacks or lead users to malicious sites, undermining the security and trust in the affected applications. The vulnerability impacts Drupal Core version 7.70 and earlier, necessitating immediate attention from users to mitigate potential risks associated with untrusted redirects.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Drupal Core 7 <= 7.70

References

https://www.drupal.org/sa-core-2020-003

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 5, 2021
Vulnerability Reserved
May 28, 2020

JSON

Drupal