Description
Open redirect vulnerability in forums/login.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin InfiniteWP Client PHP Object Injection (1.6.0)
Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-2372)
WordPress Plugin GA Backend Tracking Cross-Site Scripting (1.2)
WordPress Plugin AJAX Comment Page Cross-Site Scripting (3.25)
MySQL Cleartext Transmission of Sensitive Information Vulnerability (CVE-2017-3305)