2 matches found
CVE-2015-4363
CVE-2015-4363 is an open redirect vulnerability in the Finder module for Drupal, exploitable via the function finder_form_goto which allows phishing by redirecting users to arbitrary URLs. Affected are Finder 6.x-1.x (Drupal 6) and Finder module 7.x-x.x prior to 7.x-2.1 (Drupal 7). The Drupal SA-...
SA-CONTRIB-2015-067 - Finder - Open Redirect
Finder module allows you to create flexible faceted search forms to find entities such as nodes or users based on the values of fields and database attributes. The provided function finderformgoto is susceptible to a phishing attack. An attacker could formulate a redirect in a way that gets the...