Vulnerabilities > CVE-2015-5510 - Unspecified vulnerability in Content Construction KIT Project Content Construction KIT

CVSS 5.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

content-construction-kit-project

NVD

Published: 2015-08-18

Updated: 2015-09-03

Summary

Open redirect vulnerability in the Content Construction Kit (CCK) 6.x-2.x before 6.x-2.10 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destinations parameter, related to administration pages. <a href="http://cwe.mitre.org/data/definitions/601.html">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>

Vulnerable Configurations

Part	Description	Count
Application	Content_Construction_Kit_Project Content Construction KIT Project Content Construction KIT 6.X-2.0 Content Construction KIT Project Content Construction KIT 6.X-2.1 Content Construction KIT Project Content Construction KIT 6.X-2.2 Content Construction KIT Project Content Construction KIT 6.X-2.3 Content Construction KIT Project Content Construction KIT 6.X-2.4 Content Construction KIT Project Content Construction KIT 6.X-2.5 Content Construction KIT Project Content Construction KIT 6.X-2.6 Content Construction KIT Project Content Construction KIT 6.X-2.7 Content Construction KIT Project Content Construction KIT 6.X-2.8 Content Construction KIT Project Content Construction KIT 6.X-2.9	10

Summary

Vulnerable Configurations

References