Vulnerabilities > CVE-2015-3358 - Unspecified vulnerability in Tadaa! Project Tadaa! 7.X1.3

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

tadaa-project

NVD

Published: 2015-04-21

Updated: 2024-11-21

Summary

Multiple open redirect vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a destination parameter, related to callbacks that (1) enable and disable modules or (2) change variables.

Vulnerable Configurations

Part	Description	Count
Application	Tadaa\!_Project Tadaa! Project Tadaa! 7.X-1.3	1

References

http://www.openwall.com/lists/oss-security/2015/01/29/6
http://www.openwall.com/lists/oss-security/2015/01/29/6
http://www.securityfocus.com/bid/72110
http://www.securityfocus.com/bid/72110
https://www.drupal.org/node/2406949
https://www.drupal.org/node/2406949
https://www.drupal.org/node/2407321
https://www.drupal.org/node/2407321