Drupal Open Redirect

Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors...

Mageia: Security Advisory (MGASA-2016-0413)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Drupal Multiple Vulnerabilities (Dec 2016) - Windows

Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

FreeBSD : Drupal Code -- Multiple Vulnerabilities (8db24888-b2f5-11e6-8153-00248c0c745d)

The Drupal development team reports : Inconsistent name for term access query Less critical - Drupal 7 and Drupal 8 Drupal provides a mechanism to alter database SELECT queries before they are executed. Contributed and custom modules may use this mechanism to restrict access to certain entities b...

CVE-2016-9451

Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors...

Open redirect

Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors...

CVE-2016-9451

Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors...

UBUNTU-CVE-2016-9451

Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors...

CVE-2016-9451

Removed by vendor...

CVE-2016-9451

CVE-2016-9451 affects Drupal Core (Drupal 7.x) up to version 7.52. Root cause: a flaw in Confirmation forms that enables a remote authenticated user to perform open redirects via specially crafted URLs, potentially enabling phishing. Impact: open redirect to arbitrary sites; exploited by authenti...

Drupal Fixes 'Moderately Critical' Vulnerabilities in Core Engine

The Drupal Security Team fixed a handful of issues in version 7 and 8 of its content management system core engine this week that could have led to cache poisoning, social engineering attacks and a denial of service condition. Drupal SA-CORE-2016-005 – Moderately Critical Update to Drupal core 7....

Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2016-005

Description Inconsistent name for term access query Less critical - Drupal 7 and Drupal 8 Drupal provides a mechanism to alter database SELECT queries before they are executed. Contributed and custom modules may use this mechanism to restrict access to certain entities by implementing...