
Find real vulnerabilities before they ship
Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
Base Score
6.1| Base Score | 6.1 |
|---|---|
| Vector String | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Base Severity | Medium |
| Version | 3.0 |
| Attack Vector (AV) | NETWORK |