Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1od3E3LWN2cDgtNmhtM84AAYvg
phpBB Open Redirect
Open redirect vulnerability in phpBB before 3.0.14 and 3.1.x before 3.1.4 allows remote attackers to redirect users of Google Chrome to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Permalink: https://github.com/advisories/GHSA-hwq7-cvp8-6hm3JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1od3E3LWN2cDgtNmhtM84AAYvg
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: 9 months ago
CVSS Score: 6.1
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Identifiers: GHSA-hwq7-cvp8-6hm3, CVE-2015-3880
References:
- https://nvd.nist.gov/vuln/detail/CVE-2015-3880
- https://github.com/phpbb/phpbb/commit/1a3350619f428d9d69d196c52128727e27ef2f04
- https://wiki.phpbb.com/Release_Highlights/3.0.14
- https://wiki.phpbb.com/Release_Highlights/3.1.4
- https://www.phpbb.com/community/viewtopic.php?f=14&t=2313941
- http://www.openwall.com/lists/oss-security/2015/05/12/10
- https://github.com/phpbb/phpbb/commit/c1702b8e19a69c98ef049abb4e14157e3e208ed4
- https://web.archive.org/web/20170520103544/http://www.securityfocus.com/bid/74592
- https://github.com/advisories/GHSA-hwq7-cvp8-6hm3
Blast Radius: 13.6
Affected Packages
packagist:phpbb/phpbb
Dependent packages: 23Dependent repositories: 168
Downloads: 19,683 total
Affected Version Ranges: >= 3.1.0, < 3.1.4, < 3.0.14
Fixed in: 3.1.4, 3.0.14
All affected versions: 3.0.12, 3.0.13, 3.1.0, 3.1.1, 3.1.2, 3.1.3
All unaffected versions: 3.0.14, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.8, 3.1.9, 3.1.10, 3.1.11, 3.1.12, 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.9, 3.2.10, 3.2.11, 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.3.5, 3.3.6, 3.3.7, 3.3.8, 3.3.9, 3.3.10, 3.3.11