vulnerability
Drupal: CVE-2016-3164 : Open redirect via path manipulation - SA-CORE-2016-001
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | Apr 12, 2016 | Aug 2, 2017 | Nov 27, 2024 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
Apr 12, 2016
Added
Aug 2, 2017
Modified
Nov 27, 2024
Description
Drupal 6.x before 6.38, 7.x before 7.43, and 8.x before 8.0.4 might allow remote attackers to conduct open redirect attacks by leveraging (1) custom code or (2) a form shown on a 404 error page, related to path manipulation.
Solutions
drupal-cve-2016-3164-1drupal-cve-2016-3164-2drupal-cve-2016-3164-3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.