Vulnerabilities > CVE-2015-4398 - Unspecified vulnerability in Chaos Tool Suite Project Ctools
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Open redirect vulnerability in the Chaos tool suite (ctools) module before 6.x-1.12 and 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors involving processing confirmation delete pages.
Vulnerable Configurations
References
- http://www.openwall.com/lists/oss-security/2015/03/22/35
- http://www.openwall.com/lists/oss-security/2015/03/22/35
- http://www.openwall.com/lists/oss-security/2015/04/25/6
- http://www.openwall.com/lists/oss-security/2015/04/25/6
- http://www.securityfocus.com/bid/73224
- http://www.securityfocus.com/bid/73224
- https://www.drupal.org/node/2454883
- https://www.drupal.org/node/2454883
- https://www.drupal.org/node/2454885
- https://www.drupal.org/node/2454885
- https://www.drupal.org/node/2454909
- https://www.drupal.org/node/2454909