Lucene search

MitreCVE-2014-9363

HistoryDec 10, 2014 - 8:59 p.m.

CVE-2014-9363

2014-12-1020:59:02

mitre

web.nvd.nist.gov

cve-2014-9363

open redirect vulnerability

meta tags quick module

drupal

phishing

nvd

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

37.1%

JSON

Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.

Affected configurations

Nvd

Node

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.0drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.1drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.2drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.3drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.4drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.5drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.6drupal

meta_tags_quick_projectmeta_tags_quickMatch7.x-2.7drupal

VendorProductVersionCPE
meta_tags_quick_projectmeta_tags_quick7.x-2.0cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.0:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.1cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.1:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.2cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.2:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.3cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.3:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.4cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.4:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.5cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.5:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.6cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.6:*:*:*:*:drupal:*:*
meta_tags_quick_projectmeta_tags_quick7.x-2.7cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.7:*:*:*:*:drupal:*:*

Vendor	Product	Version	CPE
meta_tags_quick_project	meta_tags_quick	7.x-2.0	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.0:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.1	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.1:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.2	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.2:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.3	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.3:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.4	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.4:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.5	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.5:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.6	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.6:::::drupal::
meta_tags_quick_project	meta_tags_quick	7.x-2.7	cpe:2.3:a:meta_tags_quick_project:meta_tags_quick:7.x-2.7:::::drupal::

References

www.drupal.org/node/2295975

www.drupal.org/node/2296511

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

37.1%

JSON

Related for CVE-2014-9363