Required CVE Record Information
Description
Open redirect vulnerability in the securelogin_secure_redirect function in the Secure Login module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter.
References 7 Total
- openwall.com: [oss-security] 20121004 CVE Request for Drupal Contributed Modules mailing-list
- http://drupalcode.org/project/securelogin.git/commitdiff/88518df
- https://drupal.org/node/1698988
- https://drupal.org/node/1692976
- securityfocus.com: 54675 vdb-entry
- openwall.com: [oss-security] 20121007 Re: CVE Request for Drupal Contributed Modules mailing-list
- http://drupal.org/node/1700594
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 7 Total
- openwall.com: [oss-security] 20121004 CVE Request for Drupal Contributed Modules mailing-listx_transferred
- http://drupalcode.org/project/securelogin.git/commitdiff/88518df x_transferred
- https://drupal.org/node/1698988 x_transferred
- https://drupal.org/node/1692976 x_transferred
- securityfocus.com: 54675 vdb-entryx_transferred
- openwall.com: [oss-security] 20121007 Re: CVE Request for Drupal Contributed Modules mailing-listx_transferred
- http://drupal.org/node/1700594 x_transferred