Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions.
[
{
"product": "Drupal Core",
"vendor": "Drupal",
"versions": [
{
"lessThanOrEqual": "7.70",
"status": "affected",
"version": "7",
"versionType": "custom"
}
]
}
]