返回 CVE 瀏覽器

CVE-2012-4489

MEDIUM

5.8

CVSS Severity Score

EPSS Score0.1840%

EPSS Percentile24.88th

Published2012年10月31日

Last Modified2026年4月29日

Vulnerability Description

Open redirect vulnerability in the securelogin_secure_redirect function in the Secure Login module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter.

Affected Platforms (CPE)

📦

Mark Burdett

Securelogin

= 7.x-1.0

📦

Mark Burdett

Securelogin

= 7.x-1.1

📦

Mark Burdett

Securelogin

= 7.x-1.2

📦

Mark Burdett

Securelogin

= 7.x-1.x

References & Advisories

🔗 http://drupal.org/node/1700594

🔗 http://drupalcode.org/project/securelogin.git/commitdiff/88518df

🔗 http://www.openwall.com/lists/oss-security/2012/10/04/6

🔗 http://www.openwall.com/lists/oss-security/2012/10/07/1

🔗 http://www.securityfocus.com/bid/54675

🔗 https://drupal.org/node/1692976

🔗 https://drupal.org/node/1698988

🔗 http://drupal.org/node/1700594

相關漏洞威脅

CVE-2007-247610.0

Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related t...

CVE-2007-24756.5

Unspecified vulnerability in the ADSCHEMA utility in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote a...

CVE-2012-280410.0

Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack ...

CVE-2012-525410.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...