Drupal Core double-encoded 'destination' parameter open redirect vulnerability

Drupal is a free and open source content management system developed in PHP. An open redirection vulnerability exists in the Drupal Core double encoding of the 'destination' parameter.The Drupal 6 'drupalgoto' function fails to correctly decode the content of $REQUEST'destination' when used,...