10 matches found
UBUNTU-CVE-2015-7943
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...
CVE-2015-7943
CVE-2015-7943 describes an open redirect vulnerability in Drupal 7.x where the Overlay module does not sufficiently validate URLs, enabling redirects to arbitrary sites and phishing via unspecified vectors. Affected are: Drupal core Overlay module in 7.x before 7.41; the jQuery Update module (7.x...
CVE-2015-7943
Removed by vendor...
Debian DSA-3897-1 : drupal7 - security update
Two vulnerabilities were discovered in Drupal, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2015-7943 Samuel Mortenson and Pere Orga discovered that the overlay module does not sufficiently validate URLs...
[SECURITY] [DSA 3897-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3897-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 24, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3897-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3897-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 24, 2017 https://www.debian.org/security/faq -...
Mageia: Security Advisory (MGASA-2015-0425)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated drupal package fixes security vulnerability
The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents, leading to an open redirect...
jQuery Update - Less Critical - Open Redirect - SA-CONTRIB-2015-158
The jQuery Update module enables you to update jQuery on your site. The module ships with a modified version of the core Overlay JavaScript file, which is vulnerable to an open redirect attack see SA-CORE-2015-004. Only sites with the Overlay module enabled are vulnerable. An incomplete fix for...
Drupal Core - Overlay - Less Critical - Open Redirect - SA-CORE-2015-004
The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents, leading to an open redirect...