Vulnerabilities > CVE-2015-3393 - Unspecified vulnerability in Fibonacciorange Wedeal 7.X1.2

CVSS 5.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

fibonacciorange

NVD

Published: 2015-04-21

Updated: 2017-09-08

Summary

Open redirect vulnerability in the Commerce WeDeal module before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter. <a href="http://cwe.mitre.org/data/definitions/601.html">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>

Vulnerable Configurations

Part	Description	Count
Application	Fibonacciorange Fibonacciorange Wedeal 7.X-1.2	1

References

http://www.openwall.com/lists/oss-security/2015/02/05/16
http://www.securityfocus.com/bid/72563
https://exchange.xforce.ibmcloud.com/vulnerabilities/100656
https://www.drupal.org/node/2419483
https://www.drupal.org/node/2420089