CVE-2015-3880
MEDIUM6.1EPSS 0.71%phpBB Open Redirect
Published: 5/17/2022Modified: 2/16/2024
Also known as:GHSA-hwq7-cvp8-6hm3
Description
Open redirect vulnerability in phpBB before 3.0.14 and 3.1.x before 3.1.4 allows remote attackers to redirect users of Google Chrome to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Affected packages (1)
- Packagist/phpbb/phpbbfrom 0, < 3.0.14
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.1 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
References (9)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2015-3880
- PATCHhttps://github.com/phpbb/phpbb
- WEBhttps://github.com/phpbb/phpbb/commit/1a3350619f428d9d69d196c52128727e27ef2f04
- WEBhttps://github.com/phpbb/phpbb/commit/c1702b8e19a69c98ef049abb4e14157e3e208ed4
- WEBhttps://web.archive.org/web/20170520103544/http://www.securityfocus.com/bid/74592
- WEBhttps://wiki.phpbb.com/Release_Highlights/3.0.14
- WEBhttps://wiki.phpbb.com/Release_Highlights/3.1.4
- WEBhttps://www.phpbb.com/community/viewtopic.php?f=14&t=2313941
- WEBhttp://www.openwall.com/lists/oss-security/2015/05/12/10