3 matches found
CVE-2015-3393
CVE-2015-3393 relates to the Commerce WeDeal Drupal module (7.x) prior to 7.x-1.3. The vulnerability is an open redirect: an attacker can redirect users to arbitrary sites via an unspecified parameter, enabling phishing-like redirects. Affected versions: Commerce WeDeal 7.x-1.x before 7.x-1.3. Im...
CVE-2015-3393
Open redirect vulnerability in the Commerce WeDeal module before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter...
SA-CONTRIB-2015-034 - Commerce WeDeal - Open Redirect
Commerce WeDeal module enables you to do Commerce payments through the payment provider WeDeal. The module doesn't sufficiently check a query parameter used for page redirection, thereby leading to an Open Redirect vulnerability. CVE identifiers issued CVE-2015-3393 Versions affected Commerce...