Drupal Core 7.x Multiple Vulnerabilities - CVE-2015-3233

Drupal Core is prone to multiple vulnerabilities including open redirect information disclosure and security bypass vulnerabilities. Exploiting these issues could allow an attacker to redirect users to arbitrary web sites and conduct phishing attacks to obtain sensitive information that may help in launching further attacks or to perform otherwise restricted actions and subsequently log in as other users on the site including administrators and hijack their accounts. Drupal Core versions 7.x ranging from 7.0 and up to and including 7.37 are vulnerable.