Lucene search

[email protected]CVE-2015-4363

HistoryJun 15, 2015 - 2:59 p.m.

CVE-2015-4363

2015-06-1514:59:17

[email protected]

web.nvd.nist.gov

cve-2015-4363

open redirect

vulnerability

drupal

finder module

phishing

nvd

6.9 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

64.6%

JSON

Open redirect vulnerability in the finder_form_goto function in the Finder module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected configurations

NVD

Node

finder_projectfinderdrupal

CPENameOperatorVersion
finder_project:finderfinder project findereq*

CPE	Name	Operator	Version
finder_project:finder	finder project finder	eq	*

References

www.openwall.com/lists/oss-security/2015/04/25/6

www.securityfocus.com/bid/72959

www.drupal.org/node/2445967

6.9 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

64.6%

JSON

Related for CVE-2015-4363

cvelist1 prion1 nvd1 drupal1