FreeBSD : drupal -- open redirect vulnerability (75f39413-7a00-11e5-a2a1-002590263bf5)
Medium Nessus Plugin ID 86587
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionDrupal development team reports :
This vulnerability is mitigated by the fact that it can only be used against site users who have the 'Access the administrative overlay' permission, and that the Overlay module must be enabled.
An incomplete fix for this issue was released as part of SA-CORE-2015-002.
SolutionUpdate the affected package.