Lucene search
RootSSV:60097HistoryMay 04, 2012 - 12:00 a.m.
Drupal 7.x Core URI重定向漏洞
2012-05-0400:00:00
Root
www.seebug.org
14
0.004 Low
EPSS
Percentile
70.2%
Bugtraq ID: 53365
CVE ID:CVE-2012-1589
Drupal是一款开放源码的内容管理平台。
Drupal表单API允许用户设置目的地址,但没有正确校验URL是否为内部站点,这可通过恶意脚本重定向登录页面到远程恶意站点,可获得敏感信息。
0
Drupal 7.x
厂商解决方案
Drupal 7.13已经修复此漏洞,建议用户下载使用:
http://www.drupal.org/
Related
osv
osv
Drupal Open Redirect
2022-05-17 04:56:42
prion
prion
Open redirect
2012-05-18 20:55:00
ubuntucve
ubuntucve
CVE-2012-1589
2012-05-18 00:00:00
github
github
Drupal Open Redirect
2022-05-17 04:56:42
debiancve
debiancve
CVE-2012-1589
2012-05-18 20:55:00
cve
cve
CVE-2012-1589
2012-05-18 20:55:00
jvn
jvn
JVN#45898075: Drupal Form API fails to validate the redirect URL
2012-05-17 00:00:00
nessus
nessus
Drupal 7.x < 7.13 Multiple Vulnerabilities
2016-10-28 00:00:00
Mandriva Linux Security Advisory : drupal (MDVSA-2013:074)
2013-04-20 00:00:00
drupal
drupal
SA-CORE-2012-002 - Drupal core multiple vulnerabilities
2012-05-02 00:00:00