CVE-2015-1051
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
15/01/2015
Last modified:
12/04/2025
Description
Open redirect vulnerability in the Context UI module in the Context module 7.x-3.x before 7.x-3.6 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
Impact
Base Score 2.0
5.80
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:context_project:context:7.x-3.0:*:*:*:*:drupal:*:* | ||
| cpe:2.3:a:context_project:context:7.x-3.1:*:*:*:*:drupal:*:* | ||
| cpe:2.3:a:context_project:context:7.x-3.2:*:*:*:*:drupal:*:* | ||
| cpe:2.3:a:context_project:context:7.x-3.3:*:*:*:*:drupal:*:* | ||
| cpe:2.3:a:context_project:context:7.x-3.4:*:*:*:*:drupal:*:* | ||
| cpe:2.3:a:context_project:context:7.x-3.5:*:*:*:*:drupal:*:* | ||
| cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:* | ||
| cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148782.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148800.html
- http://www.securityfocus.com/bid/71925
- https://www.drupal.org/node/2402779
- https://www.drupal.org/node/2403351
- http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148782.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148800.html
- http://www.securityfocus.com/bid/71925
- https://www.drupal.org/node/2402779
- https://www.drupal.org/node/2403351