Description

Open redirect vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Target parameter to an unspecified component, a different vulnerability than CVE-2011-0526.

Remediation

References

CVE-2011-0908

Related Vulnerabilities

Moodle Other Vulnerability (CVE-2022-40208)

Claroline Other Vulnerability (CVE-2005-1376)

Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-1866)

WordPress Plugin WP-DBManager Arbitrary File Deletion (2.79.1)

WordPress Plugin CWIS-Antivirus Security Scanner Unspecified Vulnerability (2.3.2)

Severity

Medium

Classification

CVE-2011-0908 CWE-20

Tags

Missing Update Known Vulnerabilities