Back to search
CVE-2012-2727
Published: Jun 27, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
janrain-drupal-spoofing(76292)
vdb-entry
x_refsource_XF
[oss-security] 20120613 Re: CVE Request for Drupal contributed modules
mailing-list
x_refsource_MLIST
http://drupal.org/node/1632734
x_refsource_MISC
http://drupal.org/node/1632704
x_refsource_CONFIRM
82958
vdb-entry
x_refsource_OSVDB
http://drupal.org/node/1632702
x_refsource_CONFIRM
49480
third-party-advisory
x_refsource_SECUNIA
53992
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now