CVE-2015-2750
Low
CVSS Score
Vulnerability Description
Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence.
Known Affected Software
72 configuration(s) from 2 vendor(s)
- debian_linux, Version: 8.0, CPE: cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- debian_linux, Version: 9.0, CPE: cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- drupal, Version: 6.14, CPE: cpe:2.3:a:drupal:drupal:6.14:*:*:*:*:*:*:*
- drupal, Version: 7.26, CPE: cpe:2.3:a:drupal:drupal:7.26:*:*:*:*:*:*:*
- drupal, Version: 6.17, CPE: cpe:2.3:a:drupal:drupal:6.17:*:*:*:*:*:*:*
- drupal, Version: 6.15, CPE: cpe:2.3:a:drupal:drupal:6.15:*:*:*:*:*:*:*
- drupal, Version: 6.31, CPE: cpe:2.3:a:drupal:drupal:6.31:*:*:*:*:*:*:*
- drupal, Version: 7.9, CPE: cpe:2.3:a:drupal:drupal:7.9:*:*:*:*:*:*:*
- drupal, Version: 6.20, CPE: cpe:2.3:a:drupal:drupal:6.20:*:*:*:*:*:*:*
- drupal, Version: 6.7, CPE: cpe:2.3:a:drupal:drupal:6.7:*:*:*:*:*:*:*
- drupal, Version: 7.5, CPE: cpe:2.3:a:drupal:drupal:7.5:*:*:*:*:*:*:*
- drupal, Version: 7.3, CPE: cpe:2.3:a:drupal:drupal:7.3:*:*:*:*:*:*:*
- drupal, Version: 7.32, CPE: cpe:2.3:a:drupal:drupal:7.32:*:*:*:*:*:*:*
- drupal, Version: 7.24, CPE: cpe:2.3:a:drupal:drupal:7.24:*:*:*:*:*:*:*
- drupal, Version: 7.4, CPE: cpe:2.3:a:drupal:drupal:7.4:*:*:*:*:*:*:*
- drupal, Version: 6.30, CPE: cpe:2.3:a:drupal:drupal:6.30:*:*:*:*:*:*:*
- drupal, Version: 6.11, CPE: cpe:2.3:a:drupal:drupal:6.11:*:*:*:*:*:*:*
- drupal, Version: 7.11, CPE: cpe:2.3:a:drupal:drupal:7.11:*:*:*:*:*:*:*
- drupal, Version: 7.0, CPE: cpe:2.3:a:drupal:drupal:7.0:beta1:*:*:*:*:*:*
- drupal, Version: 7.21, CPE: cpe:2.3:a:drupal:drupal:7.21:*:*:*:*:*:*:*
- drupal, Version: 7.27, CPE: cpe:2.3:a:drupal:drupal:7.27:*:*:*:*:*:*:*
- drupal, Version: 6.29, CPE: cpe:2.3:a:drupal:drupal:6.29:*:*:*:*:*:*:*
- drupal, Version: 6.0, CPE: cpe:2.3:a:drupal:drupal:6.0:dev:*:*:*:*:*:*
- drupal, Version: 6.26, CPE: cpe:2.3:a:drupal:drupal:6.26:*:*:*:*:*:*:*
- drupal, Version: 6.9, CPE: cpe:2.3:a:drupal:drupal:6.9:*:*:*:*:*:*:*
- drupal, Version: 6.8, CPE: cpe:2.3:a:drupal:drupal:6.8:*:*:*:*:*:*:*
- drupal, Version: 6.18, CPE: cpe:2.3:a:drupal:drupal:6.18:*:*:*:*:*:*:*
- drupal, Version: 6.34, CPE: cpe:2.3:a:drupal:drupal:6.34:*:*:*:*:*:*:*
- drupal, Version: 6.24, CPE: cpe:2.3:a:drupal:drupal:6.24:*:*:*:*:*:*:*
- drupal, Version: 6.21, CPE: cpe:2.3:a:drupal:drupal:6.21:*:*:*:*:*:*:*
- drupal, Version: 7.23, CPE: cpe:2.3:a:drupal:drupal:7.23:*:*:*:*:*:*:*
- drupal, Version: 6.28, CPE: cpe:2.3:a:drupal:drupal:6.28:*:*:*:*:*:*:*
- drupal, Version: 7.8, CPE: cpe:2.3:a:drupal:drupal:7.8:*:*:*:*:*:*:*
- drupal, Version: 6.1, CPE: cpe:2.3:a:drupal:drupal:6.1:*:*:*:*:*:*:*
- drupal, Version: 7.7, CPE: cpe:2.3:a:drupal:drupal:7.7:*:*:*:*:*:*:*
- drupal, Version: 6.22, CPE: cpe:2.3:a:drupal:drupal:6.22:*:*:*:*:*:*:*
- drupal, Version: 7.10, CPE: cpe:2.3:a:drupal:drupal:7.10:*:*:*:*:*:*:*
- drupal, Version: 6.33, CPE: cpe:2.3:a:drupal:drupal:6.33:*:*:*:*:*:*:*
- drupal, Version: 7.33, CPE: cpe:2.3:a:drupal:drupal:7.33:*:*:*:*:*:*:*
- drupal, Version: 7.2, CPE: cpe:2.3:a:drupal:drupal:7.2:*:*:*:*:*:*:*
- drupal, Version: 6.5, CPE: cpe:2.3:a:drupal:drupal:6.5:*:*:*:*:*:*:*
- drupal, Version: 7.29, CPE: cpe:2.3:a:drupal:drupal:7.29:*:*:*:*:*:*:*
- drupal, Version: 6.32, CPE: cpe:2.3:a:drupal:drupal:6.32:*:*:*:*:*:*:*
- drupal, Version: 7.15, CPE: cpe:2.3:a:drupal:drupal:7.15:*:*:*:*:*:*:*
- drupal, Version: 6.4, CPE: cpe:2.3:a:drupal:drupal:6.4:*:*:*:*:*:*:*
- drupal, Version: 6.2, CPE: cpe:2.3:a:drupal:drupal:6.2:*:*:*:*:*:*:*
- drupal, Version: 7.22, CPE: cpe:2.3:a:drupal:drupal:7.22:*:*:*:*:*:*:*
- drupal, Version: 7.25, CPE: cpe:2.3:a:drupal:drupal:7.25:*:*:*:*:*:*:*
- drupal, Version: 6.27, CPE: cpe:2.3:a:drupal:drupal:6.27:*:*:*:*:*:*:*
- drupal, Version: 6.13, CPE: cpe:2.3:a:drupal:drupal:6.13:*:*:*:*:*:*:*
- drupal, Version: 7.34, CPE: cpe:2.3:a:drupal:drupal:7.34:*:*:*:*:*:*:*
- drupal, Version: 7.28, CPE: cpe:2.3:a:drupal:drupal:7.28:*:*:*:*:*:*:*
- drupal, Version: 7.16, CPE: cpe:2.3:a:drupal:drupal:7.16:*:*:*:*:*:*:*
- drupal, Version: 7.1, CPE: cpe:2.3:a:drupal:drupal:7.1:*:*:*:*:*:*:*
- drupal, Version: 7.30, CPE: cpe:2.3:a:drupal:drupal:7.30:*:*:*:*:*:*:*
- drupal, Version: 7.13, CPE: cpe:2.3:a:drupal:drupal:7.13:*:*:*:*:*:*:*
- drupal, Version: 7.14, CPE: cpe:2.3:a:drupal:drupal:7.14:*:*:*:*:*:*:*
- drupal, Version: 7.31, CPE: cpe:2.3:a:drupal:drupal:7.31:*:*:*:*:*:*:*
- drupal, Version: 7.17, CPE: cpe:2.3:a:drupal:drupal:7.17:*:*:*:*:*:*:*
- drupal, Version: 7.19, CPE: cpe:2.3:a:drupal:drupal:7.19:*:*:*:*:*:*:*
- drupal, Version: 6.19, CPE: cpe:2.3:a:drupal:drupal:6.19:*:*:*:*:*:*:*
- drupal, Version: 7.12, CPE: cpe:2.3:a:drupal:drupal:7.12:*:*:*:*:*:*:*
- drupal, Version: 6.23, CPE: cpe:2.3:a:drupal:drupal:6.23:*:*:*:*:*:*:*
- drupal, Version: 7.20, CPE: cpe:2.3:a:drupal:drupal:7.20:*:*:*:*:*:*:*
- drupal, Version: 7.18, CPE: cpe:2.3:a:drupal:drupal:7.18:*:*:*:*:*:*:*
- drupal, Version: 6.12, CPE: cpe:2.3:a:drupal:drupal:6.12:*:*:*:*:*:*:*
- drupal, Version: 6.3, CPE: cpe:2.3:a:drupal:drupal:6.3:*:*:*:*:*:*:*
- drupal, Version: 6.10, CPE: cpe:2.3:a:drupal:drupal:6.10:*:*:*:*:*:*:*
- drupal, Version: 6.16, CPE: cpe:2.3:a:drupal:drupal:6.16:*:*:*:*:*:*:*
- drupal, Version: 6.25, CPE: cpe:2.3:a:drupal:drupal:6.25:*:*:*:*:*:*:*
- drupal, Version: 6.6, CPE: cpe:2.3:a:drupal:drupal:6.6:*:*:*:*:*:*:*
- drupal, Version: 7.6, CPE: cpe:2.3:a:drupal:drupal:7.6:*:*:*:*:*:*:*
This vulnerability affects 72 software configuration(s). Ensure you patch all affected systems.
References & Resources
- http://cgit.drupalcode.org/drupal/commit/includes/common.inc?h=7.x&id=b44056d2f8e8c71d35c85ec5c2fb8f7c8a02d8a8 (source: cve@mitre.org; Third Party Advisory)
- http://cgit.drupalcode.org/drupal/commit/includes/menu.inc?h=6.x&id=8ffc5db3c0ab926f3d4b2cf8bc51714c8c0f3c93 (source: cve@mitre.org; Patch, Third Party Advisory)
- http://www.debian.org/security/2015/dsa-3200 (source: cve@mitre.org; Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2015/03/26/4 (source: cve@mitre.org; Mailing List, Patch, VDB Entry)
- http://www.securityfocus.com/bid/73219 (source: cve@mitre.org; Third Party Advisory, VDB Entry)
- https://www.drupal.org/SA-CORE-2015-001 (source: cve@mitre.org; Patch, Vendor Advisory)
Severity Details
out of 10.0
Low
Weakness Type (CWE)
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
- Description: The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
- Exploit Likelihood: Low
- Typical Severity: High
- Abstraction Level: Base
Key Information
- Published Date: September 13, 2017
