Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL, probably in the "return url parameter."
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 01:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/78750 - | |
References | () http://secunia.com/advisories/47823 - Vendor Advisory | |
References | () http://typo3.org/extensions/repository/view/irfaq/1.1.4/info/ChangeLog/ - Patch | |
References | () http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-001/ - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/51845 - |
Information
Published : 2012-02-14 17:55
Updated : 2024-11-21 01:33
NVD link : CVE-2011-5079
Mitre link : CVE-2011-5079
CVE.ORG link : CVE-2011-5079
JSON object : View
Products Affected
netcreators
- irfaq
typo3
- typo3
CWE
CWE-20
Improper Input Validation