CVE-2012-1589
medium
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
5.8
Description
Drupal Open Redirect
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Packagist | drupal/drupal | >=7.0,<7.13 | 7.13 |
References
- http://drupal.org/node/1557938
- http://jvn.jp/en/jp/JVN45898075/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000045
- http://osvdb.org/81679
- http://secunia.com/advisories/49012
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:074
- http://www.securityfocus.com/bid/53365
- https://nvd.nist.gov/vuln/detail/CVE-2012-1589
- https://web.archive.org/web/20120507035905/http://www.securityfocus.com/bid/53365
- https://web.archive.org/web/20150523060428/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2013:074/?name=MDVSA-2013:074
CWEs
CWE-20
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.