CVE-2015-3880
MEDIUM6.1EPSS 0.71%phpBB Open Redirect
發布日:2022/5/17修改日:2024/2/16
描述
Open redirect vulnerability in phpBB before 3.0.14 and 3.1.x before 3.1.4 allows remote attackers to redirect users of Google Chrome to arbitrary web sites and conduct phishing attacks via unspecified vectors.
受影響套件(1)
- Packagist/phpbb/phpbbfrom 0, < 3.0.14
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.1 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
參考連結(9)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2015-3880
- PATCHhttps://github.com/phpbb/phpbb
- WEBhttps://github.com/phpbb/phpbb/commit/1a3350619f428d9d69d196c52128727e27ef2f04
- WEBhttps://github.com/phpbb/phpbb/commit/c1702b8e19a69c98ef049abb4e14157e3e208ed4
- WEBhttps://web.archive.org/web/20170520103544/http://www.securityfocus.com/bid/74592
- WEBhttps://wiki.phpbb.com/Release_Highlights/3.0.14
- WEBhttps://wiki.phpbb.com/Release_Highlights/3.1.4
- WEBhttps://www.phpbb.com/community/viewtopic.php?f=14&t=2313941
- WEBhttp://www.openwall.com/lists/oss-security/2015/05/12/10