CVE-2012-1589
Published: 18 May 2012
Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted parameters in a destination URL.
Priority
Status
Package | Release | Status |
---|---|---|
drupal7 Launchpad, Ubuntu, Debian |
trusty |
Not vulnerable
(7.14-1)
|
vivid |
Not vulnerable
(7.14-1)
|
|
hardy |
Does not exist
|
|
lucid |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Not vulnerable
(7.14-1)
|
|
raring |
Not vulnerable
(7.14-1)
|
|
saucy |
Not vulnerable
(7.14-1)
|
|
upstream |
Released
(7.14-1)
|
|
utopic |
Not vulnerable
(7.14-1)
|
|
wily |
Not vulnerable
(7.14-1)
|
|
xenial |
Not vulnerable
(7.14-1)
|
|
yakkety |
Not vulnerable
(7.14-1)
|
|
zesty |
Not vulnerable
(7.14-1)
|
|
drupal5 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Does not exist
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
drupal6 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Does not exist
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|