Home » 2010 » March » 05
Open redirection vulnerability in the Drupal API function drupal_goto
(Drupal 6.15 and 5.21)

Discovered by Martin Barbella <martybarbella@gmail.com>

Description of Vulnerability:
-----------------------------
Drupal is a free software package that allows an individual or a
community of users to easily publish, manage and organize a wide
variety of content on a website (http://drupal.org/about).

The drupal_goto API function is meant to "send the user to a different
Drupal page. This issues an on-site HTTP redirect. The function makes
sure the redirected URL is formatted correctly"
(http://api.drupal.org/api/function/drupal_goto).

This function will also check $_REQUEST['destination'] and
$_REQUEST['edit']['
Views: 19574 | Added by: b1zz4rd | Date: 2010-03-05 | Comments (0)