Vulnerability Database
289,689
Total vulnerabilities in the database
Drupal External URL injection through URL aliases leading to Open Redirect
The path module in Drupal allows users with the 'administer paths' to create pretty URLs for content. In certain circumstances the user can enter a particular path that triggers an open redirect to a malicious url.
| Software | From | Fixed in |
|---|---|---|
drupal / drupal
|
7.0 | 7.60 |
|
drupal / drupal
|
8.0.0 | 8.5.8 |
|
drupal / drupal
|
8.6.0 | 8.6.2 |