---

CVE-2016-9451 - log back

CVE-2016-9451 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Open redirect
Description	+ Under certain circumstances, malicious users could construct a URL to a confirmation form that would trick users into being redirected to a 3rd party website after interacting with the form, thereby exposing the users to potential social engineering attacks.
References	+ https://www.drupal.org/SA-CORE-2016-005
Notes	+ This issue only affects drupal version 7