Merge pull request #4960 from github/Rudloff-GHSA-hxg2-5c8p-ppwm

github · Oct 30, 2024 · c40a132 · c40a132
2 parents 3d107b9 + 55f8d83
commit c40a132
Showing 1 changed file with 25 additions and 2 deletions.
diff --git a/advisories/unreviewed/2022/05/GHSA-hxg2-5c8p-ppwm/GHSA-hxg2-5c8p-ppwm.json b/advisories/unreviewed/2022/05/GHSA-hxg2-5c8p-ppwm/GHSA-hxg2-5c8p-ppwm.json
@@ -1,17 +1,36 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hxg2-5c8p-ppwm",
-  "modified": "2022-05-17T04:55:08Z",
+  "modified": "2023-01-28T05:02:56Z",
   "published": "2022-05-17T04:55:08Z",
   "aliases": [
     "CVE-2013-6389"
   ],
+  "summary": "Open redirect vulnerability in the Overlay module in Drupal 7.x",
   "details": "Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.24 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.",
   "severity": [
 
   ],
   "affected": [
-
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "drupal/drupal"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "database_specific": {
+        "last_known_affected_version_range": "< 7.24"
+      }
+    }
   ],
   "references": [
     {
@@ -22,6 +41,10 @@
       "type": "WEB",
       "url": "https://drupal.org/SA-CORE-2013-003"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/drupal/drupal"
+    },
     {
       "type": "WEB",
       "url": "http://www.debian.org/security/2013/dsa-2804"