Описание
Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL, probably in the "return url parameter."
Ссылки
- Vendor Advisory
- Patch
- PatchVendor Advisory
- Vendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.2 (включая)
Одновременно
Одно из
cpe:2.3:a:netcreators:irfaq:*:*:*:*:*:*:*:*
cpe:2.3:a:netcreators:irfaq:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:netcreators:irfaq:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:netcreators:irfaq:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:netcreators:irfaq:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00357
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL, probably in the "return url parameter."
EPSS
Процентиль: 57%
0.00357
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-20