CVE-2013-4339

Опубликовано: 12 сент. 2013

Источник: debian

EPSS Низкий

Описание

WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
wordpress	fixed	3.6.1+dfsg-1		package

Примечания

http://core.trac.wordpress.org/changeset/25323
http://core.trac.wordpress.org/changeset/25324

EPSS

Процентиль: 75%

0.00882

Низкий

Связанные уязвимости

CVE-2013-4339

ubuntu

около 12 лет назад

WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.

CVE-2013-4339

nvd

около 12 лет назад

WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.

GHSA-3j2h-mfvw-w96c

github

больше 3 лет назад

WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.

EPSS

Процентиль: 75%

0.00882

Низкий