CVE-2015-3233

Sažetak

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Reference

http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html
http://www.debian.org/security/2015/dsa-3291
http://www.openwall.com/lists/oss-security/2015/07/04/4
http://www.securityfocus.com/bid/75279
http://www.securityfocus.com/bid/75280
http://www.securityfocus.com/bid/75284
https://www.drupal.org/node/2507535
https://www.drupal.org/node/2507555
https://www.drupal.org/node/2507561
https://www.drupal.org/node/2507729
https://www.drupal.org/node/2507735
https://www.drupal.org/node/2507741
https://www.drupal.org/SA-CORE-2015-002

CVSS

Base:	5.8
Impact:	4.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

03-12-2016 - 03:09

Objavljeno

22-06-2015 - 19:59