MidnightBSD

Advisories for jquery_update_project

CVE-2015-7943 MEDIUM

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3233.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
drupal drupal 7.6
drupal drupal 7.18
drupal drupal 7.28
drupal drupal 7.33
drupal drupal 7.35
drupal drupal 7.32
drupal drupal 7.19
drupal drupal 7.38
drupal drupal 7.10
jquery_update_project jquery_update 7.x-2.5
jquery_update_project jquery_update 7.x-2.3
drupal drupal 7.3
drupal drupal 7.17
labjs_project labjs 7.x-1.4
jquery_update_project jquery_update 7.x-2.0
drupal drupal 7.20
labjs_project labjs 7.x-1.1
labjs_project labjs 7.x-1.0
labjs_project labjs 7.x-1.3
labjs_project labjs 7.x-1.6
drupal drupal 7.26
drupal drupal 7.21
drupal drupal 7.13
drupal drupal 7.31
drupal drupal 7.40
drupal drupal 7.30
drupal drupal 7.4
labjs_project labjs 7.x-1.7
drupal drupal 7.1
drupal drupal 7.39
drupal drupal 7.2
drupal drupal 7.15
drupal drupal 7.27
drupal drupal 7.36
jquery_update_project jquery_update 7.x-2.6
drupal drupal 7.16
jquery_update_project jquery_update 7.x-2.2
drupal drupal 7.24
drupal drupal 7.37
drupal drupal 7.11
drupal drupal 7.12
drupal drupal 7.9
drupal drupal 7.34
drupal drupal 7.23
jquery_update_project jquery_update 7.x-2.4
drupal drupal 7.8
jquery_update_project jquery_update 7.x-2.1
drupal drupal 7.22
labjs_project labjs 7.x-1.5
drupal drupal 7.0
labjs_project labjs 7.x-1.2
drupal drupal 7.7
drupal drupal 7.5
drupal drupal 7.29
drupal drupal 7.14
drupal drupal 7.25