CVE-2015-7943

Name of the Vulnerable Software and Affected Versions Drupal versions prior to 7.41 jQuery Update module versions prior to 7.x-2.7 for Drupal LABjs module versions prior to 7.x-1.8 for Drupal

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. This is due to an incomplete fix for a previous issue.

Recommendations For Drupal versions prior to 7.41, update to version 7.41 or later. For jQuery Update module versions prior to 7.x-2.7, update to version 7.x-2.7 or later. For LABjs module versions prior to 7.x-1.8, update to version 7.x-1.8 or later.