Vulnerabilities > CVE-2014-9363 - Remote Security vulnerability in Meta Tags Quick

CVSS 5.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

meta-tags-quick-project

NVD

Published: 2014-12-10

Updated: 2014-12-11

Summary

Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter. <a href="http://cwe.mitre.org/data/definitions/601.html">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>

Vulnerable Configurations

Part	Description	Count
Application	Meta_Tags_Quick_Project Meta Tags Quick Project Meta Tags Quick 7.X-2.0 Meta Tags Quick Project Meta Tags Quick 7.X-2.1 Meta Tags Quick Project Meta Tags Quick 7.X-2.2 Meta Tags Quick Project Meta Tags Quick 7.X-2.3 Meta Tags Quick Project Meta Tags Quick 7.X-2.4 Meta Tags Quick Project Meta Tags Quick 7.X-2.5 Meta Tags Quick Project Meta Tags Quick 7.X-2.6 Meta Tags Quick Project Meta Tags Quick 7.X-2.7	8

Summary

Vulnerable Configurations

References