Vulnerability Database

313,825

Total vulnerabilities in the database

CVE-2012-1589

Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.

  • Published: May 18, 2012
  • Updated: Nov 9, 2025
  • CVE: CVE-2012-1589
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
Composer icon drupal / drupal 7.0-alpha5 7.0-alpha5.x
Composer icon drupal / drupal 7.0-dev 7.0-dev.x
Composer icon drupal / drupal 7.0-alpha7 7.0-alpha7.x
Composer icon drupal / drupal 7.0-rc2 7.0-rc2.x
Composer icon drupal / drupal 7.0-rc4 7.0-rc4.x
Composer icon drupal / drupal 7.0-beta2 7.0-beta2.x
Composer icon drupal / drupal 7.0-rc3 7.0-rc3.x
Composer icon drupal / drupal 7.0-alpha1 7.0-alpha1.x
Composer icon drupal / drupal 7.3 7.3.x
Composer icon drupal / drupal 7.8 7.8.x
Composer icon drupal / drupal 7.0-alpha4 7.0-alpha4.x
Composer icon drupal / drupal 7.5 7.5.x
Composer icon drupal / drupal 7.10 7.10.x
Composer icon drupal / drupal 7.6 7.6.x
Composer icon drupal / drupal 7.12 7.12.x
Composer icon drupal / drupal 7.9 7.9.x
Composer icon drupal / drupal 7.0-rc1 7.0-rc1.x
Composer icon drupal / drupal 7.0-beta3 7.0-beta3.x
Composer icon drupal / drupal 7.4 7.4.x
Composer icon drupal / drupal 7.x-dev 7.x-dev.x
Composer icon drupal / drupal 7.0-alpha2 7.0-alpha2.x
Composer icon drupal / drupal 7.11 7.11.x
Composer icon drupal / drupal 7.0-alpha6 7.0-alpha6.x
Composer icon drupal / drupal 7.0 7.0.x
Composer icon drupal / drupal 7.0-beta1 7.0-beta1.x
Composer icon drupal / drupal 7.1 7.1.x
Composer icon drupal / drupal 7.7 7.7.x
Composer icon drupal / drupal 7.0-alpha3 7.0-alpha3.x
Composer icon drupal / drupal 7.2 7.2.x