The path module in Drupal allows users with the βadminister pathsβ to create pretty URLs for content.
In certain circumstances the user can enter a particular path that triggers an open redirect to a malicious url.
CPE | Name | Operator | Version |
---|---|---|---|
drupal/core | lt | 8.6.2 | |
drupal/core | lt | 8.5.8 | |
drupal/core | lt | 7.60 |