Drupal 7 core - Moderately critical - Open Redirect - SA-CORE-2020-003
Project: Drupal core Date: 2020-May-20 Security risk: Moderately critical 10∕25 Vulnerability: Open Redirect
Drupal 7 has an Open Redirect vulnerability. For example, a user could be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL.
The vulnerability is caused by insufficient validation of the destination query parameter in the
Other versions of Drupal core are not vulnerable.
Install the latest version:
If you use Drupal 7.x upgrade to Drupal 7.70