CVE-2013-4595

Name of the Vulnerable Software and Affected Versions Drupal Secure Pages module versions 6.x-2.x before 6.x-2.0

Description The issue arises from the Secure Pages module's improper matching of URLs, leading to the use of HTTP instead of HTTPS. This makes it easier for remote attackers to obtain sensitive information via a crafted web page.

Recommendations For versions 6.x-2.x before 6.x-2.0, update to version 6.x-2.0 or later to resolve the issue.