Detections
Analytics

CVE-2015-3233

medium

Description

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

References

https://www.drupal.org/node/2507741

https://www.drupal.org/node/2507735

https://www.drupal.org/node/2507729

https://www.drupal.org/node/2507561

https://www.drupal.org/node/2507555

https://www.drupal.org/node/2507535

https://www.drupal.org/SA-CORE-2015-002

http://www.securityfocus.com/bid/75284

http://www.securityfocus.com/bid/75280

http://www.securityfocus.com/bid/75279

http://www.openwall.com/lists/oss-security/2015/07/04/4

http://www.debian.org/security/2015/dsa-3291

http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html

Details

Source: Mitre, NVD

Published: 2015-06-22

Updated: 2016-12-03

Risk Information

CVSS v2

Base Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium