Description

Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build.

Remediation

References

CVE-2015-5062

Related Vulnerabilities

WordPress Plugin Blogstand Banner Cross-Site Scripting (1.0)

WordPress Plugin Google Analytics Top Content Widget Cross-Site Scripting (1.5.6)

WordPress Plugin Shariff Wrapper Local File Inclusion (4.6.13)

WordPress Plugin Zephyr Project Manager Cross-Site Scripting (3.2.40)

WordPress Plugin Ultimate Instagram Feed Unspecified Vulnerability (1.3)

Severity

Medium

Classification

CVE-2015-5062

Tags

Missing Update Known Vulnerabilities