4 matches found
CVE-2012-2727
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter...
CVE-2012-2727
Open redirect vulnerability in the Janrain Capture module for Drupal (versions 6.x-1.0 and 7.x-1.0). The issue stems from an endpoint used to re-synchronize user data between Drupal and Janrain Capture, where an input parameter controlling redirection was not constrained to internal paths, enabli...
CVE-2012-2727
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter...
SA-CONTRIB-2012-098 - Janrain Capture - Open Redirect
This module allows for authentication through the cloud user-management platform Janrain Capture. Part of the module exposes an endpoint to re-synchronize user data between Drupal and Capture and allows for passing an optional parameter to redirect the user back to an original location. This...