{"id":"CVE-2020-13662","details":"Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions.","aliases":["BIT-drupal-2020-13662","GHSA-gjqg-9rhv-qj67"],"modified":"2026-03-14T10:07:57.855141Z","published":"2021-05-05T15:15:08.197Z","references":[{"type":"ADVISORY","url":"https://www.drupal.org/sa-core-2020-003"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/drupal/drupal","events":[{"introduced":"497914920385b7016ac9c9367e0198530787adf2"},{"last_affected":"c62d5ba13e02923cf4f6e2a7ede0d2afcaa68043"}],"database_specific":{"versions":[{"introduced":"7.0"},{"last_affected":"7.70"}]}}],"versions":["7.0","7.1","7.10","7.11","7.12","7.13","7.14","7.15","7.16","7.17","7.18","7.19","7.2","7.20","7.21","7.22","7.23","7.24","7.25","7.26","7.27","7.28","7.29","7.3","7.30","7.31","7.32","7.33","7.34","7.35","7.36","7.37","7.38","7.39","7.4","7.40","7.41","7.42","7.43","7.44","7.5","7.50","7.51","7.52","7.53","7.54","7.55","7.56","7.57","7.58","7.59","7.6","7.60","7.61","7.62","7.63","7.64","7.65","7.66","7.67","7.68","7.69","7.7","7.70","7.8","7.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13662.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}