VDB
GCVE-110-MAGEIA-2015-425
GCVE-110-MAGEIA-2015-425
Advisory Published
The Overlay module in Drupal core displays administrative pages as a layer
over the current page (using JavaScript), rather than replacing the page
in the browser window. The Overlay module does not sufficiently validate
URLs prior to displaying their contents, leading to an open redirect
vulnerability (CVE-2015-7943).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | drupal | 7.41-1.1.mga5 (unaffected), 0 (affected) | — |
Aliases
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.