Lucene search
K

44 matches found

Mageia
Mageia
added 2015/11/04 6:3 p.m.33 views

Updated drupal package fixes security vulnerability

The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents, leading to an open redirect...

6.1CVSS6.2AI score0.01774EPSS
Exploits0References7
OSV
OSV
added 2015/11/04 6:3 p.m.9 views

MGASA-2015-0425 Updated drupal package fixes security vulnerability

The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents, leading to an open redirect...

6.1CVSS6.1AI score0.01774EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2015/10/26 12:0 a.m.27 views

FreeBSD : drupal -- open redirect vulnerability (75f39413-7a00-11e5-a2a1-002590263bf5)

Drupal development team reports : The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents,...

6.1CVSS6.3AI score0.01774EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2015/10/23 12:0 a.m.27 views

drupal: open redirect

The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents, leading to an open redirect...

1.7AI score0.01774EPSS
Exploits0References2
Drupal
Drupal
added 2015/10/21 12:0 a.m.25 views

LABjs - Less Critical - Open Redirect - SA-CONTRIB-2015-159

The LABjs module integrates LABjs with Drupal for web performance optimization. The module ships with a modified version of the core Overlay JavaScript file, which is vulnerable to an open redirect attack see SA-CORE-2015-004. Only sites with the Overlay module enabled are vulnerable. An incomple...

6.1CVSS6.1AI score0.01774EPSS
Exploits0References14
Drupal
Drupal
added 2015/10/21 12:0 a.m.646 views

Drupal Core - Overlay - Less Critical - Open Redirect - SA-CORE-2015-004

The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents, leading to an open redirect...

6.1CVSS6AI score0.01774EPSS
Exploits0References11
FreeBSD
FreeBSD
added 2015/10/21 12:0 a.m.27 views

drupal -- open redirect vulnerability

Drupal development team reports: The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents,...

6.1CVSS6.2AI score0.01774EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2015-0253)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS6.3AI score0.02763EPSS
Exploits0References11
Mageia
Mageia
added 2015/07/01 12:40 p.m.32 views

Updated drupal package fixes security vulnerability

Incorrect cache handling made private content viewed by "user 1" exposed to other, non-privileged users CVE-2015-3231. A flaw in the Field UI module made it possible for attackers to redirect users to malicious sites CVE-2015-3232. Due to insufficient URL validation, the Overlay module could be...

5.8CVSS6.2AI score0.02763EPSS
Exploits0References9
Prion
Prion
added 2015/06/22 7:59 p.m.14 views

Open redirect

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

5.8CVSS6.1AI score0.02763EPSS
Exploits0References14Affected Software1
UbuntuCve
UbuntuCve
added 2015/06/22 7:59 p.m.21 views

CVE-2015-3233

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

5.8CVSS6.5AI score0.02763EPSS
Exploits0References2
OSV
OSV
added 2015/06/22 7:59 p.m.3 views

UBUNTU-CVE-2015-3233

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

5.8CVSS6.5AI score0.02763EPSS
Exploits0References3
CVE
CVE
added 2015/06/22 7:0 p.m.71 views

CVE-2015-3233

CVE-2015-3233 is an open redirect vulnerability in the Drupal Overlay module for Drupal 7.x, caused by insufficient URL validation. It affects Drupal 7.x prior to 7.38 (per CVE description). Debi an advisory notes fixes across Drupal7 packages in multiple releases (e.g., Wheezy: 7.14-2+deb7u10; J...

5.8CVSS6AI score0.02763EPSS
Exploits0References14Affected Software1
Debian CVE
Debian CVE
added 2015/06/22 7:0 p.m.16 views

CVE-2015-3233

Removed by vendor...

5.8CVSS6.2AI score0.02763EPSS
Exploits0
Debian
Debian
added 2015/06/18 5:52 p.m.37 views

[SECURITY] [DSA 3291-1] drupal7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3291-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 18, 2015 https://www.debian.org/security/faq -...

5.8CVSS6.8AI score0.02763EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/06/18 12:0 a.m.23 views

Debian Security Advisory DSA 3291-1 (drupal7 - security update)

Several vulnerabilities were found in drupal7, a content management platform used to power websites. CVE-2015-3231Incorrect cache handling made private content viewed by user 1 exposed to other, non-privileged users. CVE-2015-3232 A flaw in the Field UI module made it possible for attackers to...

5.8CVSS6.5AI score0.02763EPSS
Exploits0References1
OSV
OSV
added 2015/06/18 12:0 a.m.25 views

DSA-3291-1 drupal7 - security update

Bulletin has no description...

5.8CVSS6.1AI score0.02763EPSS
Exploits0
Drupal
Drupal
added 2014/04/30 12:0 a.m.11 views

SA-CONTRIB-2014-048 - Field API Pane Editor (FAPE) - Access bypass

This module adds a contextual menu to fields which are added to an entity display in Panels, allowing individual fields to be directly edited via a separate page or, if it is enabled, the Overlay module. The module doesn't sufficiently verify the user has access to modify the entity the field is...

5.8AI score
Exploits0References13
NVD
NVD
added 2013/12/07 9:55 p.m.17 views

CVE-2013-6389

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.24 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

5.8CVSS6.5AI score0.01207EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2013/12/07 9:55 p.m.23 views

CVE-2013-6389

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.24 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

5.8CVSS6AI score0.01207EPSS
Exploits0References1
Rows per page
Query Builder