External Links Filter - Moderately critical - Open Redirect Vulnerability - SA-CONTRIB-2019-063

Project: External Links Filter
Date: 2019-August-14
Security risk: Moderately critical 10∕25 
Vulnerability: Open Redirect Vulnerability

Description

The External Link Filter module provides an input filter that replaces external links by a local link that redirects to the target URL.

The module did not have protection for the Redirect URL to go where content authors intended.

Install the latest version:

If you use the External Links Filter module for Drupal 7.x, upgrade to External Links Filter version 7.x-3.1
If you use the External Links Filter module for Drupal 8.x, upgrade to External Links Filter version 8.x-1.2

Also see the External Links Filter project page.