Lucene search
K

4 matches found

NVD
NVD
added 2012/06/27 12:55 a.m.13 views

CVE-2012-2727

Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter...

5.8CVSS6.7AI score0.02345EPSS
Exploits0References8
CVE
CVE
added 2012/06/27 12:0 a.m.34 views

CVE-2012-2727

Open redirect vulnerability in the Janrain Capture module for Drupal (versions 6.x-1.0 and 7.x-1.0). The issue stems from an endpoint used to re-synchronize user data between Drupal and Janrain Capture, where an input parameter controlling redirection was not constrained to internal paths, enabli...

5.8CVSS6.9AI score0.02345EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2012/06/27 12:0 a.m.16 views

CVE-2012-2727

Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter...

6.7AI score0.02345EPSS
Exploits0References8
Drupal
Drupal
added 2012/06/13 12:0 a.m.18 views

SA-CONTRIB-2012-098 - Janrain Capture - Open Redirect

This module allows for authentication through the cloud user-management platform Janrain Capture. Part of the module exposes an endpoint to re-synchronize user data between Drupal and Capture and allows for passing an optional parameter to redirect the user back to an original location. This...

5.8CVSS6.8AI score0.02345EPSS
Exploits0References10
Rows per page
Query Builder