Vulnerability Description
Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Services Single Sign-On Server Helper Project | Services Single Sign-On Server Helper | - |
References
- http://www.securityfocus.com/bid/72803
- https://www.drupal.org/node/2437965Vendor Advisory
- http://www.securityfocus.com/bid/72803
- https://www.drupal.org/node/2437965Vendor Advisory
FAQ
What is CVE-2015-2215?
CVE-2015-2215 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phi...
How severe is CVE-2015-2215?
CVE-2015-2215 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-2215?
Check the references section above for vendor advisories and patch information. Affected products include: Services Single Sign-On Server Helper Project Services Single Sign-On Server Helper.