CVE-2014-9363

Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
meta_tags_quick_projectmeta_tags_quick
7.x-2.0:x
meta_tags_quick_projectmeta_tags_quick
7.x-2.1:x
meta_tags_quick_projectmeta_tags_quick
7.x-2.2:x
meta_tags_quick_projectmeta_tags_quick
7.x-2.3:x
meta_tags_quick_projectmeta_tags_quick
7.x-2.4:x
meta_tags_quick_projectmeta_tags_quick
7.x-2.5:x
meta_tags_quick_projectmeta_tags_quick
7.x-2.6:x
meta_tags_quick_projectmeta_tags_quick
7.x-2.7:x
𝑥
= Vulnerable software versions
References
https://www.drupal.org/node/2295975
https://www.drupal.org/node/2296511
https://www.drupal.org/node/2295975
https://www.drupal.org/node/2296511