Moderate severityNVD Advisory· Published May 5, 2021· Updated Aug 4, 2024
CVE-2020-13662
CVE-2020-13662
Description
Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
drupal/corePackagist | >= 7.0.0, < 7.70 | 7.70 |
drupal/drupalPackagist | >= 7.0.0, < 7.70 | 7.70 |
Affected products
4- osv-coords3 versions
>= 7.0.0, < 7.70.1+ 2 more
- (no CPE)range: >= 7.0.0, < 7.70.1
- (no CPE)range: >= 7.0.0, < 7.70
- (no CPE)range: >= 7.0.0, < 7.70
- Range: 7
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-gjqg-9rhv-qj67ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-13662ghsaADVISORY
- github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2020-13662.yamlghsaWEB
- github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2020-13662.yamlghsaWEB
- www.drupal.org/sa-core-2020-003ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.