5.8
CVE-2015-5510
- EPSS 1.2%
- Veröffentlicht 18.08.2015 18:00:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginOpen redirect vulnerability in the Content Construction Kit (CCK) 6.x-2.x before 6.x-2.10 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destinations parameter, related to administration pages.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Content Construction Kit Project ≫ Content Construction Kit Version6.x-2.0 SwPlatformdrupal
Content Construction Kit Project ≫ Content Construction Kit Version6.x-2.1 SwPlatformdrupal
Content Construction Kit Project ≫ Content Construction Kit Version6.x-2.2 SwPlatformdrupal
Content Construction Kit Project ≫ Content Construction Kit Version6.x-2.3 SwPlatformdrupal
Content Construction Kit Project ≫ Content Construction Kit Version6.x-2.4 SwPlatformdrupal
Content Construction Kit Project ≫ Content Construction Kit Version6.x-2.5 SwPlatformdrupal
Content Construction Kit Project ≫ Content Construction Kit Version6.x-2.6 SwPlatformdrupal
Content Construction Kit Project ≫ Content Construction Kit Version6.x-2.7 SwPlatformdrupal
Content Construction Kit Project ≫ Content Construction Kit Version6.x-2.8 SwPlatformdrupal
Content Construction Kit Project ≫ Content Construction Kit Version6.x-2.9 SwPlatformdrupal
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.2% | 0.642 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
http://www.openwall.com/lists/oss-security/2015/07/04/4
http://www.securityfocus.com/bid/75281
https://www.drupal.org/node/2507753
https://www.drupal.org/node/2507763