CVE-2009-4534

Open redirect vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
nanwichfaq_ask
𝑥
≤ 6.x-2.x-dev
nanwichfaq_ask
5.x-1.0:x
nanwichfaq_ask
5.x-1.0-beta1:x
nanwichfaq_ask
5.x-1.0-beta2:x
nanwichfaq_ask
5.x-1.0-beta3:x
nanwichfaq_ask
5.x-1.0-beta4:x
nanwichfaq_ask
5.x-1.1:x
nanwichfaq_ask
5.x-1.2:x
nanwichfaq_ask
5.x-1.3:x
nanwichfaq_ask
5.x-1.x-dev:x
nanwichfaq_ask
6.x-1.0:x
nanwichfaq_ask
6.x-1.0-beta1:x
nanwichfaq_ask
6.x-1.1:x
nanwichfaq_ask
6.x-1.2:x
nanwichfaq_ask
6.x-1.x-dev:x
nanwichfaq_ask
6.x-2.0-alpha1:x
𝑥
= Vulnerable software versions
References
http://drupal.org/node/617444
http://www.securityfocus.com/bid/36877
http://drupal.org/node/617444
http://www.securityfocus.com/bid/36877