A malicious user may entice users to visit a specially crafted URL that may
result in the redirection of Drupal form submission to a third-party site. A
user visiting the user registration page via such a url, for example, will
submit all data, such as his/her e-mail address, but also possible private
profile data, to a third-party site.
Solution
If you are running Drupal 4.6.x then upgrade to Drupal 4.6.10.
http://ftp.osuosl.org/pub/drupal/files/projects/drupal-4.6.10.tar.gz
If you are running Drupal 4.7.x then upgrade to Drupal 4.7.4.
http://ftp.osuosl.org/pub/drupal/files/projects/drupal-4.7.4.tar.gz
To patch Drupal 4.6.9 use http://drupal.org/files/sa-2006-026/4.6.9.patch.
To patch Drupal 4.7.3 use http://drupal.org/files/sa-2006-026/4.7.3.patch.
Please note that the patches only contain changes related to this advisory,
and do not fix bugs that were solved in 4.6.10 or 4.7.4.
Frederic Marand.
The security contact for Drupal can be reached at security at drupal.org or
using the form at http://drupal.org/contact.
Uwe Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http://www.crazy-hacks.org
http://www.holsham-traders.de | http://www.unmaintained-free-software.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFN7D2XdVoV3jWIbQRAn30AJ4wDXVgTcsZ6AVZU0iz8oFYqTx8dACeNXFj
D4MxzZKaxPKknex3KMezI6Y=
=eFVr
-----END PGP SIGNATURE-----