CVE-2009-4534

EUVD-2009-4500
Open redirect vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Affected Products (NVD)
VendorProductVersion
nanwichfaq_ask
𝑥
≤ 6.x-2.x-dev
nanwichfaq_ask
5.x-1.0:x
nanwichfaq_ask
5.x-1.0-beta1:x
nanwichfaq_ask
5.x-1.0-beta2:x
nanwichfaq_ask
5.x-1.0-beta3:x
nanwichfaq_ask
5.x-1.0-beta4:x
nanwichfaq_ask
5.x-1.1:x
nanwichfaq_ask
5.x-1.2:x
nanwichfaq_ask
5.x-1.3:x
nanwichfaq_ask
5.x-1.x-dev:x
nanwichfaq_ask
6.x-1.0:x
nanwichfaq_ask
6.x-1.0-beta1:x
nanwichfaq_ask
6.x-1.1:x
nanwichfaq_ask
6.x-1.2:x
nanwichfaq_ask
6.x-1.x-dev:x
nanwichfaq_ask
6.x-2.0-alpha1:x
𝑥
= Vulnerable software versions
References
http://drupal.org/node/617444
http://www.securityfocus.com/bid/36877
http://drupal.org/node/617444
http://www.securityfocus.com/bid/36877