CVE-2015-3233 - Argyle Breaks

Description

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Reference

https://www.drupal.org/SA-CORE-2015-002 http://www.debian.org/security/2015/dsa-3291 https://www.drupal.org/node/2507735 http://www.openwall.com/lists/oss-security/2015/07/04/4 https://www.drupal.org/node/2507729 https://www.drupal.org/node/2507741 https://www.drupal.org/node/2507555 https://www.drupal.org/node/2507535 https://www.drupal.org/node/2507561 http://www.securityfocus.com/bid/75284 http://www.securityfocus.com/bid/75279 http://www.securityfocus.com/bid/75280 http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html