2 matches found
CVE-2015-4398
Open redirect vulnerability in the Chaos tool suite ctools module before 6.x-1.12 and 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors involving processing confirmation delete pages...
CVE-2015-4398
CVE-2015-4398 is an open redirect vulnerability in the Chaos Tool Suite (ctools) Drupal module. Affected versions are CTools 6.x-1.x prior to 6.x-1.12 and 7.x-1.x prior to 7.x-1.7. The root cause is improper sanitization of URLs processed on confirmation delete pages, enabling remote attackers to...