PT-2020-6399 · Drupal · Drupal Core

Vortfu · Published 2020-05-10 · Updated 2024-03-06 · CVE-2020-13662

CVSS v3.1: 6.1 Medium

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Drupal Core version 7.70 and prior versions.

Description

Drupal Core contains an Open Redirect vulnerability: a user can be tricked into visiting a specially crafted link that redirects them to an arbitrary external URL. The cause is insufficient input validation, which a remote attacker can exploit with a specially crafted link to access and compromise confidential data.

Recommendations

For Drupal Core version 7.70 and prior versions, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to external URLs to minimize the risk of exploitation.

Open Redirect

Weakness Enumeration

Related Identifiers

BDU:2021-04619
BIT-DRUPAL-2020-13662
CVE-2020-13662
DLA-2250-1
DSA-4693-1
GHSA-GJQG-9RHV-QJ67

Affected Products

Drupal Core