What is the severity of CVE-2015-3378?

CVE-2015-3378 has a moderate severity rating due to its potential for phishing attacks through arbitrary redirects.

How do I fix CVE-2015-3378?

To fix CVE-2015-3378, update the Views module to version 6.x-2.18, 6.x-3.2, or 7.x-3.10 or later.

What versions of the Views module are affected by CVE-2015-3378?

CVE-2015-3378 affects the Views module versions prior to 6.x-2.18, 6.x-3.2, and 7.x-3.10.

Who can exploit CVE-2015-3378?

CVE-2015-3378 can be exploited by remote authenticated users who have access to the Views UI submodule.

What are the risks associated with CVE-2015-3378?

The risks associated with CVE-2015-3378 include the potential for users to be redirected to malicious websites, leading to phishing attacks.

Vulnerability/
CVE-2015-3378

medium

4.9

21/4/2015

6/8/2024

CVE-2015-3378

First published: Tue Apr 21 2015(Updated: )

Open redirect vulnerability in the Views module before 6.x-2.18, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.10 for Drupal, when the Views UI submodule is enabled, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to the break lock page for edited views.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Views Project Views	<=6.x-2.16
Views Project Views	=6.x-3.0
Views Project Views	=6.x-3.0-alpha1
Views Project Views	=6.x-3.0-alpha2
Views Project Views	=6.x-3.0-alpha3
Views Project Views	=6.x-3.0-alpha4
Views Project Views	=6.x-3.0-rc2
Views Project Views	=6.x-3.0-rc3
Views Project Views	=7.x-3.0
Views Project Views	=7.x-3.0-alpha1
Views Project Views	=7.x-3.0-beta1
Views Project Views	=7.x-3.0-beta2
Views Project Views	=7.x-3.0-beta3
Views Project Views	=7.x-3.0-rc1
Views Project Views	=7.x-3.0-rc3
Views Project Views	=7.x-3.1
Views Project Views	=7.x-3.2
Views Project Views	=7.x-3.3
Views Project Views	=7.x-3.4
Views Project Views	=7.x-3.5
Views Project Views	=7.x-3.6
Views Project Views	=7.x-3.7
Views Project Views	=7.x-3.8
Views Project Views	=7.x-3.x-dev

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-3378?
CVE-2015-3378 has a moderate severity rating due to its potential for phishing attacks through arbitrary redirects.
How do I fix CVE-2015-3378?
To fix CVE-2015-3378, update the Views module to version 6.x-2.18, 6.x-3.2, or 7.x-3.10 or later.
What versions of the Views module are affected by CVE-2015-3378?
CVE-2015-3378 affects the Views module versions prior to 6.x-2.18, 6.x-3.2, and 7.x-3.10.
Who can exploit CVE-2015-3378?
CVE-2015-3378 can be exploited by remote authenticated users who have access to the Views UI submodule.
What are the risks associated with CVE-2015-3378?
The risks associated with CVE-2015-3378 include the potential for users to be redirected to malicious websites, leading to phishing attacks.

collector/nvd-index
agent/references
agent/type
agent/remedy
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/tags
agent/description
agent/event
agent/first-publish-date
agent/source
vendor/views project
canonical/views project views
version/views project views/6.x-2.16
version/views project views/6.x-3.0
version/views project views/6.x-3.0-alpha1
version/views project views/6.x-3.0-alpha2
version/views project views/6.x-3.0-alpha3
version/views project views/6.x-3.0-alpha4
version/views project views/6.x-3.0-rc2
version/views project views/6.x-3.0-rc3
version/views project views/7.x-3.0
version/views project views/7.x-3.0-alpha1
version/views project views/7.x-3.0-beta1
version/views project views/7.x-3.0-beta2
version/views project views/7.x-3.0-beta3
version/views project views/7.x-3.0-rc1
version/views project views/7.x-3.0-rc3
version/views project views/7.x-3.1
version/views project views/7.x-3.2
version/views project views/7.x-3.3
version/views project views/7.x-3.4
version/views project views/7.x-3.5
version/views project views/7.x-3.6
version/views project views/7.x-3.7
version/views project views/7.x-3.8
version/views project views/7.x-3.x-dev

Frequently Asked Questions

What is the severity of CVE-2015-3378?
CVE-2015-3378 has a moderate severity rating due to its potential for phishing attacks through arbitrary redirects.
How do I fix CVE-2015-3378?
To fix CVE-2015-3378, update the Views module to version 6.x-2.18, 6.x-3.2, or 7.x-3.10 or later.
What versions of the Views module are affected by CVE-2015-3378?
CVE-2015-3378 affects the Views module versions prior to 6.x-2.18, 6.x-3.2, and 7.x-3.10.
Who can exploit CVE-2015-3378?
CVE-2015-3378 can be exploited by remote authenticated users who have access to the Views UI submodule.
What are the risks associated with CVE-2015-3378?
The risks associated with CVE-2015-3378 include the potential for users to be redirected to malicious websites, leading to phishing attacks.

CVE-2015-3378

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-3378?

How do I fix CVE-2015-3378?

What versions of the Views module are affected by CVE-2015-3378?

Who can exploit CVE-2015-3378?

What are the risks associated with CVE-2015-3378?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-3378?

How do I fix CVE-2015-3378?

What versions of the Views module are affected by CVE-2015-3378?

Who can exploit CVE-2015-3378?

What are the risks associated with CVE-2015-3378?