
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| drupal/core | composer | >= 7.0.0, < 7.70 | 7.70 |

The vulnerability description explicitly states that the root cause is insufficient validation in `drupal_goto()`. This function handles redirect logic in Drupal 7 and processes the `destination` parameter. The advisory confirms that this function's improper validation allows external redirects. The file path matches Drupal 7's core structure, where `common.inc` contains redirect handling utilities.
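
The kind of check a redirect handler needs before honouring a user-supplied `destination` value, as an added example: this is not Drupal core code and not the 7.70 patch. The function names `example_destination_is_local()` and `example_safe_redirect_target()` are hypothetical, and the sample inputs are constructed.

```php
<?php
// Added illustration; not Drupal core code. Function names are hypothetical.

/**
 * Returns TRUE only if $destination is a site-local path or relative URL.
 */
function example_destination_is_local($destination) {
  if (!is_string($destination) || $destination === '') {
    return FALSE;
  }
  // Control characters (CR, LF, tab, NUL) can split response headers or be
  // dropped by browsers, which changes how the remaining URL is parsed.
  if (preg_match('/[\x00-\x1F\x7F]/', $destination)) {
    return FALSE;
  }
  // Browsers treat "\" like "/", so normalise before checking prefixes.
  $normalized = ltrim(str_replace('\\', '/', $destination));
  // "//host" is a protocol-relative URL that leaves the site.
  if (strpos($normalized, '//') === 0) {
    return FALSE;
  }
  // A colon before the first "/", "?" or "#" marks a URL scheme.
  $colon = strpos($normalized, ':');
  if ($colon !== FALSE && $colon < strcspn($normalized, '/?#')) {
    return FALSE;
  }
  return TRUE;
}

/**
 * Returns the destination if it is local, otherwise a fixed fallback path.
 */
function example_safe_redirect_target($destination, $fallback = '/') {
  return example_destination_is_local($destination) ? $destination : $fallback;
}

// Constructed sample inputs: two local paths, then four that must be refused.
$samples = array(
  'node/1?page=2',
  '/admin/content?filter=a:b',
  'https://example.org/landing',
  '//example.org/landing',
  '/\\example.org/landing',
  "node/1\r\nX-Injected: 1",
);
foreach ($samples as $sample) {
  printf("%-32s => %s\n", json_encode($sample), example_safe_redirect_target($sample));
}
```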